Le 02/12/2014 23:15, Eric Leblond a écrit :
> Hi,
>
> On Tue, 2014-12-02 at 23:09 +0100, Jean-Philippe Menil wrote:
>> Hi,
>>
>> while playing with nftables, i observe that my iptables masquerading do not
>> work anymore:
>>
>> modprobe nft_nat
>> modprobe nft_chain_nat_ipv4
>> nft add table nat
>> nft add chain nat postrouting { type nat hook postrouting priority 0 \; }
>>
>> ^^ iptables nat stoped work here.
>>
>> I'm sure i read that nftables and iptables where compatible.
>>
>> Can anyone point me what am i missing ?
>>
>> (I'm on 3.17.4)
>
> Sadly, masquerade is requiring 3.18. Only standard NAT is implemented in
> 3.17.x.
>
> BR,
>
Hi Eric,
thanks for your response.
I've see on the wiki that masquerading require a 3.18 kernel.
But why juste adding the type nat hook with nftables, broke the iptables
masquerading?
There's no problem at all, i will upgrade to 3.18 for my tests.
Best regards.
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
