Hi,
I think the nat statements in the documentation can mislead the usage.
NAT STATEMENTS section in the documentation is like this,
snat to address [:port] [PRF_FLAGS]
snat to address - address [:port - port] [PRF_FLAGS]
snat to { ip | ip6 } address - address [:port - port] [PR_FLAGS]
dnat to address [:port] [PRF_FLAGS]
dnat to address [:port - port] [PR_FLAGS]
dnat to { ip | ip6 } address [:port - port] [PR_FLAGS]
masquerade to [:port] [PRF_FLAGS]
masquerade to [:port - port] [PRF_FLAGS]
redirect to [:port] [PRF_FLAGS]
redirect to [:port - port] [PRF_FLAGS]
It can misunderstand that you must append "to" string to use the snat, dnat,
masquerade and redirect statements, even though it may not be used.
e.g.,
% nft add rule nat postrouting masquerade
% nft add rule nat prerouting redirect
I think the document should be revised. What do you think?
