* ipsec matching in postrouting nat
@ 2020-06-20 20:33 Marek Greško
2020-06-20 21:00 ` Florian Westphal
0 siblings, 1 reply; 2+ messages in thread
From: Marek Greško @ 2020-06-20 20:33 UTC (permalink / raw)
To: netfilter
Hello,
I would like to write rule similar to:
iptables -t nat -A POSTROUTING -o ppp0 -m policy --dir out --pol ipsec -j RETURN
in nftables. But I am not successful.
I tried:
oifname "ppp0" meta secpath exists return
with no luck.
Is there some equvalent of the iptables command?
Thanks
Marek
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: ipsec matching in postrouting nat
2020-06-20 20:33 ipsec matching in postrouting nat Marek Greško
@ 2020-06-20 21:00 ` Florian Westphal
0 siblings, 0 replies; 2+ messages in thread
From: Florian Westphal @ 2020-06-20 21:00 UTC (permalink / raw)
To: Marek Greško; +Cc: netfilter
Marek Gre¨ko <mgresko8@gmail.com> wrote:
> Hello,
>
> I would like to write rule similar to:
>
> iptables -t nat -A POSTROUTING -o ppp0 -m policy --dir out --pol ipsec -j RETURN
>
> in nftables. But I am not successful.
>
> I tried:
>
> oifname "ppp0" meta secpath exists return
>
> with no luck.
>
> Is there some equvalent of the iptables command?
Try replacing 'meta secpath' with 'rt ipsec'
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2020-06-20 21:00 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2020-06-20 20:33 ipsec matching in postrouting nat Marek Greško
2020-06-20 21:00 ` Florian Westphal
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox