Hello
Le 16/09/2021 à 11:29, Pablo Neira Ayuso a écrit :
On Wed, Sep 08, 2021 at 11:33:02AM +0200, Daniel wrote:
Hi,
I get the following error with the above nft version, lan being the
interface name:
add element ip6 nat fwdtoip_tcp.lan { 1-65534 : 2001:db8:27b:10:ff9b::,
1-65534 : 2001:db8:27b:ff9b::c0a8:ad1}
with
add map ipv6_addr nat fwdtoip_tcp.lan { type inet_service : ipv6_addr\;
flags interval\; }
What's wrong here ? My goal being to redirect all (or range ports) external
traffic to another server.
Could you develop what your use-case is?
The above example says -in my mind ;)- that everything coming from
outside on ip
2001:db8:27b:10:ff9b:: should be redirect (symmetrical) to ip 2001:db8:27b:ff9b::c0a8:ad1
Keys uniquely identify an entry in a map, if you define two entries
with the same key, you hit this conflict interval error.
I see this like forward port:ip to port:anotherip
--
Daniel
