On Mon, Mar 11, 2019 at 09:44:03PM -0700, Paul Fontenot wrote: > Hello, > > I am trying to set up a test environment with nftables and I'm stuck. I have > included the iptables equivalent to what I'm trying to do in the hopes > someone can point me in the right direction. > > Here is the iptables rule I'm trying to recreate in nftables: > > iptables -A PREROUTING -i eth0 -s 138.68.14.134 -p tcp -m tcp --dport\ 15150 > -j DNAT --to-destination 192.168.0.2:15150 For direct rule translations, you can use iptables-translate: # iptables-translate -A PREROUTING -i eth0 -s 138.68.14.134 -p tcp -m tcp --dport 15150 -j DNAT --to-destination 192.168.0.2:15150 nft add rule ip filter PREROUTING iifname "eth0" ip saddr 138.68.14.134 tcp dport 15150 counter dnat to 192.168.0.2:15150 There's also: # iptables-restore-translate -f myruleset that takes the input file in iptables-restore format.
