W dniu 2023-08-02 13:10, Florian Westphal napisał(a):
Mucha Marcin, Sieciuch.com <m.mucha@xxxxxxxxxxxx> wrote:
Hello,
I'm having trouble with moving from these snat rules:
chain source-nat {
type nat hook postrouting priority 100; policy accept;
ct state invalid drop;
ip saddr 10.0.0.0/24 oif enp7s0 snat to 192.168.10.8
persistent;
ip saddr 10.1.0.0/24 oif enp7s0 snat to 192.168.10.9
persistent;
}
to the one that uses maps based on
https://wiki.nftables.org/wiki-nftables/index.php/Multiple_NATs_using_nftables_maps
:
chain source-nat {
type nat hook postrouting priority 100; policy accept;
ct state invalid drop;
oif enp7s0 ip saddr maps {10.0.0.0/24 : 192.168.10.8,
10.1.0.0/24 :
192.168.10.9};
}
My problem is - I'm getting syntax error after checking config with
"nft -cf
/etc/nftables.conf":
"/etc/nftables.conf:43:83-83: Error: syntax error, unexpected newline
oif enp7s0 ip saddr maps {10.0.0.0/24 : 192.168.10.8, 10.1.0.0/24
:
192.168.10.9};
^"
Could I ask you for a help?
Did you mean
oif enp7s0 snat to ip saddr map {10.0.0.0/24 : 192.168.10.8,
10.1.0.0/24 : 192.168.10.9 }
?
Thank you, now I understand my mistake.
