liminix-fork/nat.nft

17 lines
337 B
Text
Raw Normal View History

#!/usr/bin/nft -f
flush ruleset
table ip nat {
chain prerouting {
type nat hook prerouting priority 0; policy accept;
}
# for all packets to WAN, after routing, replace source address with primary IP of WAN interface
chain postrouting {
type nat hook postrouting priority 100; policy accept;
oifname "ppp0" masquerade
}
}