[Jool-list] Using Jool with nftables
Nico Schottelius
nico.schottelius at ungleich.ch
Thu May 2 02:11:33 CDT 2019
Good morning,
I just wanted to give jool a try on a network that uses nftables.
Does anyone know how the mangle commands from the stateful NAT64 would
translate to nft?
Specifically I am looking for translating the following ip(6)tables
commands:
user at T:~# ip6tables -t mangle -A PREROUTING \
> -d 64:ff9b::/96 \
> -j JOOL --instance "example"
user at T:~# iptables -t mangle -A PREROUTING \
> -d 203.0.113.1 -p tcp --dport 61001:65535 \
> -j JOOL --instance "example"
user at T:~# iptables -t mangle -A PREROUTING \
> -d 203.0.113.1 -p udp --dport 61001:65535 \
> -j JOOL --instance "example"
user at T:~# iptables -t mangle -A PREROUTING \
> -d 203.0.113.1 -p icmp \
> -j JOOL --instance "example"
I am not sure how to translate the -j JOOL and --instance to nft speech.
Any point would be appreciated!
Best,
Nico
--
Your Swiss, Open Source and IPv6 Virtual Machine. Now on www.datacenterlight.ch.
More information about the Jool-list
mailing list