On 05/11/2023 13:48, Tixy wrote:
On Sat, 2023-11-04 at 20:08 +0100, Martin wrote:
[...]
BTW putting above script into /etc/nftables.conf (at the bottom of file)
did not ever worked - I had always to run that file manualy as root.
Command 'nft list ruleset' only then showed this table.
I have no idea why. To me it seemed as if /etc/nftables.conf file
was not executed (I have rebooted many times so this file should run).
[...]
Did you enable the nftables service? To do that, use:
# systemctl enable nftables.service
and to see status of the service
# systemctl status nftables.service
It should be checked first and
journalctl -b -u nftables.service
alongside with searching for any nft messages in "journalctl -b". I
suggested earlier to read /usr/share/doc/nftables/README.Debian It
explicitly recommends to enable the service.
2: enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP
group default qlen 1000
inet 192.168.231.3/24 brd 192.168.231.255 scope global enp3s0
I hope, your router allows to view configuration received from the DHCP
server. Since static addresses were working (and it can be rechecked), I
guess, gateway is not explicitly configured, so the router tries to send
packets to 192.168.231.1. Either change the interface IP or configure
dnsmasq to send 192.168.231.3.
To debug run wireshark or tcpdump on enp3s0 and wlxe8de27a5ab1c to check
that packets from the phone are properly received and routed.
Warning: if you have not configured network interfaces for DHCP in
dnsmasq then do it. Otherwise other computers connected to the upstream
WiFi link may receive DHCP leases emitted from wlxe8de27a5ab1c.
