On Tue, Jun 25, 2019 at 02:24:04AM +0200, Pablo Neira Ayuso wrote: > On Mon, Jun 24, 2019 at 06:49:41PM +0200, Florian Westphal wrote: > > Phil Sutter <phil@xxxxxx> wrote: > > > > Right. Do you think we should also add in inet-nat.nft example, > > > > or even replace the ipvX- ones? > > > > > > Having an inet family nat example would be wonderful! Can inet NAT > > > replace IPvX-ones completely or are there any limitations as to what is > > > possible in rules? > > > > I'm not aware of any limitations. > > Only limitation is that older kernels do not support NAT for the inet > family. OK, so maybe add inet NAT example but not delete ip/ip6 ones? What is the status regarding my patch, please? I think fixing netdev-ingress.nft location is unrelated to this discussion, right? Cheers, Phil
