Thanks Florian , I see some of the rules are missing Another translation missing - iptables-translate -t mangle -A rms0-pre -p tcp -j TPROXY --on-port 7881 --on-ip 0.0.0.0 --tproxy-mark 0x1/0x1 iptables-translate is not translating , please the below o/p nft # -t mangle -A rms0-pre -p tcp -j TPROXY --on-port 7881 --on-ip 0.0.0.0 --tproxy-mark 0x1/0x1 I have translated this to below : do you see any wrong in my translation please ==> nft add rule ip mangle rms0-pre meta l4proto tcp tproxy to :7881 mark set 0x1 Thanks Sree On Wed, Mar 6, 2024 at 12:52 PM Sreedhar M <sreemtech@xxxxxxxxx> wrote: > > Thanks Florian , I see some of the rules are missing > > Another translation missing - iptables-translate -t mangle -A rms0-pre -p tcp -j TPROXY --on-port 7881 --on-ip 0.0.0.0 --tproxy-mark 0x1/0x1 > iptables-translate is not translating , please the below o/p > nft # -t mangle -A rms0-pre -p tcp -j TPROXY --on-port 7881 --on-ip 0.0.0.0 --tproxy-mark 0x1/0x1 > I have translated this to below : do you see any wrong in my translation please > ==> nft add rule ip mangle rms0-pre meta l4proto tcp tproxy to :7881 mark set 0x1 > > Thanks > Sree > > > On Wed, Mar 6, 2024 at 9:40 AM Florian Westphal <fw@xxxxxxxxx> wrote: >> >> Sreedhar M <sreemtech@xxxxxxxxx> wrote: >> > Hello >> > I have some issues with nft socket module , please find this , I cant >> > get the socket functionality on nft that I was using iptables, could >> > you please advise >> > >> > iptables-translate -t mangle -A qrms0-pre -p tcp -m socket -j MARK --or-mark 0x1 >> > nft # -t mangle -A qrms0-pre -p tcp -m socket -j MARK --or-mark 0x1 >> >> Translation was missing. >> >> Try: >> nft 'add rule ip mangle qrms0-pre ip protocol tcp socket wildcard 0 counter meta mark set mark or 0x1' > > > > -- > Best Regards > Sreedhar -- Best Regards Sreedhar
