On Mon, Sep 6, 2021 at 5:13 PM Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote: > > Hi, > > On Mon, Sep 06, 2021 at 11:06:41AM +0800, Xiao Liang wrote: > > The lower bound must be the first value of the prefix to be coverted. > > For example, range "10.0.0.15-10.0.0.240" can not be converted to > > "10.0.0.15/24". Validate it by checking if the lower bound value has > > enough trailing zeros. > > # nft add rule x y ip saddr 10.0.0.15-10.0.0.240 > # nft list ruleset > ... > ip saddr 10.0.0.15-10.0.0.240 > > Is a different range that triggers the problem? Hi, Please try # nft add rule x y snat to 10.0.0.15-10.0.0.240
