Hi I don't know much about nftables, but I don't think that this is possible out of the box. According to this post, nftables has its own kernel-side interface, which Jool is currently not using: https://zasdfgbnm.github.io/2017/09/07/Extending-nftables/ You might want to file a bug requesting nftables support: https://github.com/NICMx/Jool/issues
On Thu, May 2, 2019 at 2:12 AM Nico Schottelius <[email protected]> wrote: > > > Good morning, > > I just wanted to give jool a try on a network that uses nftables. > Does anyone know how the mangle commands from the stateful NAT64 would > translate to nft? > > Specifically I am looking for translating the following ip(6)tables > commands: > > user@T:~# ip6tables -t mangle -A PREROUTING \ > > -d 64:ff9b::/96 \ > > -j JOOL --instance "example" > user@T:~# iptables -t mangle -A PREROUTING \ > > -d 203.0.113.1 -p tcp --dport 61001:65535 \ > > -j JOOL --instance "example" > user@T:~# iptables -t mangle -A PREROUTING \ > > -d 203.0.113.1 -p udp --dport 61001:65535 \ > > -j JOOL --instance "example" > user@T:~# iptables -t mangle -A PREROUTING \ > > -d 203.0.113.1 -p icmp \ > > -j JOOL --instance "example" > > > I am not sure how to translate the -j JOOL and --instance to nft speech. > > Any point would be appreciated! > > Best, > > Nico > > > > -- > Your Swiss, Open Source and IPv6 Virtual Machine. Now on > www.datacenterlight.ch. > _______________________________________________ > Jool-list mailing list > [email protected] > https://mail-lists.nic.mx/listas/listinfo/jool-list _______________________________________________ Jool-list mailing list [email protected] https://mail-lists.nic.mx/listas/listinfo/jool-list
