Re: [nft 0.9.3 | kernel 5.4.48] cannot get NAT to work

Linux Netfilter discussions
 help / color / mirror / Atom feed

From: Florian Westphal <fw@strlen.de>
To: ѽ҉ᶬḳ℠ <vtol@gmx.net>
Cc: netfilter@vger.kernel.org
Subject: Re: [nft 0.9.3 | kernel 5.4.48] cannot get NAT to work
Date: Tue, 23 Jun 2020 23:23:23 +0200	[thread overview]
Message-ID: <20200623212323.GS26990@breakpoint.cc> (raw)
In-Reply-To: <87b5491f-dbd3-1f09-a9cb-303596da4e10@gmx.net>

ѽ҉ᶬḳ℠ <vtol@gmx.net> wrote:
> Since the ruleset that worked with kernel 4.19 did not anymore with kernel
> 5.4 (throwing segfault) I started from scratch to see what gives.
> 
> nft add table inet filter
> nft add chain inet filter input { type filter hook input priority 0 \; }
> nft add chain inet filter forward { type filter hook forward priority 0 \; }
> nft add chain inet filter output    { type filter hook output priority 0 \;
> }
> nft add table inet nat
> 
> Thus far good and then things go awry and the output does not help to
> understand what might be wrong:
> 
> nft add chain inet nat prerouting { type nat hook prerouting priority \-100
> \; }
> nft: unrecognized option: 1

If you use the shell, you should use single-quote for the entire
arguments.  nft 'add chain ...'

here, nft thinks you passed '-1' as an option.

> and next up
> 
> nft add chain inet nat postrouting { type nat hook postrouting priority 100
> \; }
> Error: Could not process rule: No such file or directory

inet nat depends on CONFIG_NF_TABLES_INET.

next prev parent reply	other threads:[~2020-06-23 21:23 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-06-23 20:38 [nft 0.9.3 | kernel 5.4.48] cannot get NAT to work ѽ҉ᶬḳ℠
2020-06-23 21:23 ` Florian Westphal [this message]
2020-06-23 21:34   ` ѽ҉ᶬḳ℠
2020-06-23 21:52     ` Florian Westphal
2020-06-23 22:12       ` ѽ҉ᶬḳ℠
2020-06-23 22:48         ` Florian Westphal
2020-06-23 23:11           ` ѽ҉ᶬḳ℠
2020-06-24  8:14             ` Florian Westphal
2020-06-24  8:47               ` ѽ҉ᶬḳ℠
2020-06-24  8:53                 ` Florian Westphal
2020-06-24  8:59                   ` ѽ҉ᶬḳ℠
2020-06-25  1:45                     ` Duncan Roe
2020-06-25  7:13                       ` ѽ҉ᶬḳ℠
2020-06-25  8:45                         ` ѽ҉ᶬḳ℠
2020-06-26  3:28                           ` Duncan Roe

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20200623212323.GS26990@breakpoint.cc \
    --to=fw@strlen.de \
    --cc=netfilter@vger.kernel.org \
    --cc=vtol@gmx.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox