[Bug 1410] New: STATELESS, rules with notrack into a map
bugzilla-daemon at netfilter.org
bugzilla-daemon at netfilter.org
Thu Feb 27 09:40:41 CET 2020
https://bugzilla.netfilter.org/show_bug.cgi?id=1410
Bug ID: 1410
Summary: STATELESS, rules with notrack into a map
Product: nftables
Version: unspecified
Hardware: x86_64
OS: Debian GNU/Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
Reporter: e.lohmann at mdex.de
I would like to put rules like this into a map. But there is no command (set)
to use the map in raw, like we do it in STATEFULL with dnat / snat.
nft add rule raw PREROUTING ip daddr *publicIP* counter notrack ip daddr set
*privateIP*
nft add rule raw PREROUTING ip saddr *privateIP* counter notrack ip saddr set
*publicIP*
I do this in STATEFULL with:
dnat to ip daddr map @pubip_pre
snat to ip saddr map @pubip_post
Open for any discussion and questions, thanks in forward, eike.
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20200227/45f20d88/attachment.html>
More information about the netfilter-buglog
mailing list