On Fri, Aug 14, 2020 at 11:26:31PM +0200, Daniel wrote:
[...]
> UPDATE: I discover that the traffic I see on interface gretunnel is only the
> local generated one which is going out with the eth0 ipv6 address. I modify
> mangle table which now looks like
>
> # nft table mangle ip6
> #
> $fwtables delete table ip6 mangle 2>/dev/null || true
> $fwtables add table ip6 mangle 2>/dev/null || true
> $fwtables add chain ip6 mangle output "{ type nat hook output priority -199
> ; policy accept ; }"
Why chain type 'nat' ? Probably you meant to specify here 'mangle'.
NAT chains only see the first packet of flows.
