Hello,
I'm having trouble with moving from these snat rules:
chain source-nat {
type nat hook postrouting priority 100; policy accept;
ct state invalid drop;
ip saddr 10.0.0.0/24 oif enp7s0 snat to 192.168.10.8 persistent;
ip saddr 10.1.0.0/24 oif enp7s0 snat to 192.168.10.9 persistent;
}
to the one that uses maps based on
https://wiki.nftables.org/wiki-nftables/index.php/Multiple_NATs_using_nftables_maps
:
chain source-nat {
type nat hook postrouting priority 100; policy accept;
ct state invalid drop;
oif enp7s0 ip saddr maps {10.0.0.0/24 : 192.168.10.8,
10.1.0.0/24 : 192.168.10.9};
}
My problem is - I'm getting syntax error after checking config with "nft
-cf /etc/nftables.conf":
"/etc/nftables.conf:43:83-83: Error: syntax error, unexpected newline
oif enp7s0 ip saddr maps {10.0.0.0/24 : 192.168.10.8, 10.1.0.0/24 :
192.168.10.9};
^"
Could I ask you for a help?
System: Debian 12, Nftables 1.0.6
uname -a: 6.1.0-10-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.38-2
(2023-07-27) x86_64 GNU/Linux
-
Thank you for your help!
Mucha Marcin
