On 5/28/22 13:20, Kamil Jońca wrote:
> Lars Noodén <lars.nooden@xxxxxxx> writes:
>
>> Hello,
>>
>> I'm working on traffic shaping with tc and have some old iptables rules
>> with which I've tried to use iptables-translate to convert legacy
>> instructions to nftables. For example, I have the following:
>>
>>   iptables -t mangle -A OUTPUT -p tcp --match multiport \
>>       --sports 22,1965 -j MARK --set-mark 100
>>
>> and the result is,
>>
>>   nft add rule ip mangle OUTPUT ip protocol tcp \
>>       tcp sport {22,1965} counter meta mark set 0x64
>
> Blind shot: in nftables you have no OUTPUT chain by default so I suspect
> you have to create it manually.
>
>   nft add chain ip mangle OUTPUT ...
>
> KJ

Thanks. I think that was it. I had to create both the table and the
chain first.

/Lars
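
The fix described in this thread (create the table and the chain before adding the rule), as an added example that is not part of the original messages: an nftables ruleset file that can be loaded with `nft -f`. The base-chain declaration (`type route hook output priority -150`) is an assumption chosen to mirror the legacy iptables mangle OUTPUT chain; the rule itself is the iptables-translate output quoted above.

```nft
#!/usr/sbin/nft -f

# nftables ships with no predefined tables or chains, so the table
# and the base chain must exist before any rule can reference them.
table ip mangle {
    chain OUTPUT {
        # Assumption: hook and priority match the legacy mangle OUTPUT
        # chain. Without a "type ... hook ..." line the chain is a
        # regular chain and never sees packets on its own.
        type route hook output priority -150; policy accept;

        # Rule as produced by iptables-translate:
        # mark locally generated TCP traffic from source ports 22 and
        # 1965 with 0x64 (decimal 100) so tc can classify on the mark.
        ip protocol tcp tcp sport { 22, 1965 } counter meta mark set 0x64
    }
}
```

After loading, `nft list table ip mangle` shows the chain and the per-rule packet counter, which confirms whether the mark rule is being hit.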