Hello, On 2017-01-11, I wrote: > The Wiki on https://wiki.nftables.org mentions two priorities specifically available for NAT, -100 and 100. But of these two, the wiki's example for NAT only uses the value 100 for the postrouting chain. The prerouting chain has priority 0, and there is no difference between SNAT and DNAT. > > When I look at the ipv4-nat example which is shipped together with my nftables package, both chains use priority -150, though due to the Wiki, that value is used for mangling. > > And when I look at some online-exmaples, they use 0 for prerouting and postrouting. > > So, what are really the best values to use for priority in snat prerouting and postrouting and dnat prerouting and postrouting? Does "No answer in three weeks" mean that nobody here knows how to use these priority values for NAT chains? Though probably netfilter developers are reading this list? Regards Christoph -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
