[Bug 1225] New: Nft syntax error (snat, dnat using multiple maps)

bugzilla-daemon at netfilter.org bugzilla-daemon at netfilter.org
Wed Feb 7 05:03:23 CET 2018


https://bugzilla.netfilter.org/show_bug.cgi?id=1225

            Bug ID: 1225
           Summary: Nft syntax error (snat, dnat using multiple maps)
           Product: nftables
           Version: unspecified
          Hardware: x86_64
                OS: Ubuntu
            Status: NEW
          Severity: normal
          Priority: P5
         Component: nft
          Assignee: pablo at netfilter.org
          Reporter: mskim128 at gmail.com

I use Ubuntu 17.10 (nftables v0.8, v0.8.2, kernel 4.13.0-25)

I'd like to use multiple NATs using nftables maps.

This looks something like this:

nft add rule nat postrouting snat \
      ip saddr map { 192.168.1.1 : 10.0.0.1, 192.168.1.2 : 10.0.0.2,
192.168.1.3 : 10.0.0.3 }

It works.


But, I want to use multiple maps. This looks something like this:

192.168.1.0/24 -> NAT -> 10.0.0.0/24
 (192.168.1.1 -> 10.0.0.1, 192.168.1.2 -> 10.0.0.2, ..., 192.168.1.254 ->
10.0.0.254)

nft add rule nat postrouting snat \
      ip saddr map { 192.168.1.0/24 : 10.0.0.0/24 }

However, error message is displayed.

root at two-All-Series:~# nft add rule nat postrouting snat \
>       ip saddr map { 192.168.1.0/24 : 10.0.0.0/24 }
Error: syntax error, unexpected /, expecting comma or '}'
add rule nat postrouting snat ip saddr map { 192.168.1.0/24 : 10.0.0.0/24 }
                                                                      ^

Thanks,

-- 
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20180207/18f50ad8/attachment.html>


More information about the netfilter-buglog mailing list