On Sat, Aug 19, 2017 at 07:07:41PM +0200, Pascal Hambourg wrote:
> Le 19/08/2017 à 16:16, khawar shehzad a écrit :
[SNIP]
> > My solution is like the following, which is not working.
> >
> > table ip6 natcap {
> > map natcap_vmap {
> > type ipv6_addr . ipv6_addr : verdict
> > elements = { 2001::20 . 2001::1:0:0:2 : accept}
> > }
> > chain prerouting_filter {
> > type filter hook prerouting priority -101; policy drop;
> > ip6 saddr . ip6 daddr vmap @natcap_vmap
> > }
> (...)
>
> What is this syntax ? This is not iptables.
It's nftables, the reason I joined this list (to get my head around nftables ;)
Cheers ... Duncan.
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
