Dear netfilter team.
I'm starting with nftables and trying to set an ssh port forwarding
from my firewall IP 192.168.1.252 to my dmz IP 10.0.0.2. But I get
this error:
-------
nft -cf nft/test.nft
nft/test.nft:30:62-65: Error: ip or ip6 must be specified with address
for inet tables.
add rule inet nat prerouting iifname $int_ext tcp dport 2222 dnat to 10.0.0.2:22
^^^^
-------
I let you a piece of my nftables script.
-------
table inet nat {
chain prerouting { type nat hook prerouting priority -400; policy accept; }
chain postrouting { type nat hook postrouting priority srcnat;
policy accept; }
}
#--------------PREROUTING-----------------
add rule inet nat prerouting iifname $int_ext tcp dport 2222 dnat to 10.0.0.2:22
#--------------FORWARD----------------- #
add rule inet filter FORWARD iifname $int_ext oifname $int_dmz ip
daddr 10.0.0.2/24 tcp dport 22 accept
add rule inet filter FORWARD iifname $int_dmz oifname $int_ext ip
saddr 10.0.0.2/24 tcp sport 22 accept
-------
Thank you for your time.
