Sorry for the delay in answering.
I installed the development version of Ubuntu 16.10 with proposed
updates. With this version, nft -v reports version 0.5. My original set
of commands now works without crashing, so thanks for the advice to try
version 0.5.
However, this set of commands still fails:
# nft flush ruleset
# nft add table nat
# nft add chain nat output { type nat hook output priority 0 \; }
# nft add map nat outnat {type ipv4_addr : ipv4_addr\; }
# nft add element nat outnat { 172.16.1.1 : 8.8.8.8 , 172.16.1.2 : 8.8.4.4 }
# nft add rule ip nat output dnat ip daddr map @outnat
<cmdline>:1:1-48: Error: Could not process rule: Invalid argument
add rule ip nat output dnat ip daddr map @outnat
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
It looks as though I have a syntax error in the command, but I can't
find a good example to use as a template. Do I have the syntax wrong, or
is using a separate set like this not possible?
Thanks,
Steve.
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
