GitHub-Mirror/cjdns
0
0
Fork 0
mirror of https://github.com/cjdelisle/cjdns synced 2025-10-06 00:32:50 +02:00
Code Issues Releases Wiki Activity

Add nftables examples

Browse Source 
Provide nftables examples for nat6 masqerading.
This commit is contained in:
Avinash H. Duduskar
2021-01-22 23:13:08 +05:30
committed by GitHub
parent 403f68c3ec
commit ac98219789
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
doc/nat-gateway.md
View File

@@ -74,6 +74,12 @@ Now enter the ip6tables rules:
ip6tables -t nat -A POSTROUTING -o tun0 -j MASQUERADE
ip6tables -A FORWARD -i tun0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
ip6tables -A FORWARD -i eth1 -o eth0 -j ACCEPT
Or if you use nftables:
nft add rule ip6 nat POSTROUTING oifname "tun0" counter masquerade
nft add rule ip6 filter FORWARD iifname "tun0" oifname "eth0" ct state related,established accept
nft add rule ip6 filter FORWARD iifname "eth1" oifname "eth0" accept
Save the rules: