<html>
<head>
<base href="https://bugzilla.netfilter.org/" />
</head>
<body><table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Bug ID</th>
<td><a class="bz_bug_link
bz_status_NEW "
title="NEW - can't use "priority dstnat" in "hook output" (or srcnat in input)"
href="https://bugzilla.netfilter.org/show_bug.cgi?id=1694">1694</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>can't use "priority dstnat" in "hook output" (or srcnat in input)
</td>
</tr>
<tr>
<th>Product</th>
<td>nftables
</td>
</tr>
<tr>
<th>Version</th>
<td>1.0.x
</td>
</tr>
<tr>
<th>Hardware</th>
<td>x86_64
</td>
</tr>
<tr>
<th>OS</th>
<td>All
</td>
</tr>
<tr>
<th>Status</th>
<td>NEW
</td>
</tr>
<tr>
<th>Severity</th>
<td>minor
</td>
</tr>
<tr>
<th>Priority</th>
<td>P5
</td>
</tr>
<tr>
<th>Component</th>
<td>nft
</td>
</tr>
<tr>
<th>Assignee</th>
<td>pablo@netfilter.org
</td>
</tr>
<tr>
<th>Reporter</th>
<td>danw@redhat.com
</td>
</tr>
<tr>
<th>CC</th>
<td>fw@strlen.de
</td>
</tr></table>
<p>
<div>
<pre>The "dnat" command is usable from either "prerouting" or "output", but the
"dstnat" priority is only usable from "prerouting". (Likewise, "snat" is usable
from either "postrouting" or "input", but "srcnat" is only usable from
"postrouting".)
Maybe the priorities matter in the prerouting and postrouting chains, but not
in input and output? But if so, nothing in the man page or wiki explains that.
Also, the sample files (eg
<a href="http://git.netfilter.org/nftables/tree/files/nftables/ipv4-nat.nft?h=v1.0.8">http://git.netfilter.org/nftables/tree/files/nftables/ipv4-nat.nft?h=v1.0.8</a>)
use "type nat hook output priority -100" and "type nat hook input priority
100", implying that those hooks *are* supposed to use those priorities...</pre>
</div>
</p>
<hr>
<span>You are receiving this mail because:</span>
<ul>
<li>You are watching all bug changes.</li>
</ul>
</body>
</html>