Hello
I have some NAT rules which worked fine till yesterday.
But those rules started failing after I upgraded to Linux kernel 5.2
(Arch Linux).
A trimmed-down version of the rules is as follows:
# cat /etc/nft.conf
define localifaces = { "eth0" }
define http_redirect_port = 3128
flush ruleset
add table ip nat
add chain ip nat prerouting { type nat hook prerouting priority 0; }
add rule ip nat prerouting tcp dport 80 iifname $localifaces redirect to $http_redirect_port
# nft -f /etc/nft.conf
nft1.conf:6:1-93: Error: Could not process rule: No such file or directory
add rule ip nat prerouting tcp dport 80 iifname $localifaces redirect to $http_redirect_port
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
The same rules work perfectly on Linux 4.19.57 and 5.1.16:
# nft list table ip nat
table ip nat {
	chain prerouting {
		type nat hook prerouting priority filter; policy accept;
		tcp dport 80 iifname { "eth0" } redirect to :3128
	}
}
Am I doing something wrong? Or did something change in kernel 5.2?
Please check and guide.
Thank you,
Amish