On Sun, Nov 05, 2023 at 10:26:17AM +0200, Anssi Saari wrote:
> Anyways, a typical masquerade rule would specify the source network and
> an outgoing interface. For example, I have in my Linux router:
>
> ip saddr 10.0.2.0/24 oifname "enp1s0" masquerade
>
> so for you that would become
>
> ip saddr 192.168.231.0/24 oifname "wlxe8de27a5ab1c" masquerade
I tried this line too, unforutately it does not work either.
I mean after executing the config file with this line it shows itself in
output of command 'nft list ruleset' but I still can not connect to
internet from my phone.
I tried many lines similar to this, none works:
ip saddr 192.168.231.3/24 ip daddr != 192.168.231.3/24 masquerade
ip saddr 192.168.231.0/24 ip daddr != 192.168.231.0/24 masquerade
ip saddr 192.168.231.0/24 oifname "wlxe8de27a5ab1c" masquerade
oifname "wlxe8de27a5ab1c" masquerade
I also noticed in output of 'nft list ruleset' that other rules there are
using capitalized letter so i try it too:
istead of chain postrouting {
I used chain POSTROUTING {
I also tried to put this command in table that already exist instead of
creating new one (masqrule) - instead of running my whole script I run
only one command (after reboot so there are no more changes made by me before):
nft add rule ip nat POSTROUTING oifname wlxe8de27a5ab1c masquerade
(note that here I used 'ip nat' table that is added autmaticaly by
docker server i guess)
Since nothing I tried does work I guess my next step should be to see
where/how those packets from phone are handled. I guess program for that
is tcpdump which I have installed. But since I am unfamiliar with this tool
I would need help from mailing list to guide me what to look for and how
to use this tool.
So please can you give me some info what command should I use with
tcpdump to see where packets from phone are going - or why they do not
go where they should?
Just a reminder - I can connect from phone to my computers web server - which
I also installed just for debugging this. The problem is I can not connect from
phone to internet (let say google.com)
Martin
