Не работают правила в nftables, хотя в ip{6}tables пашет. Правила ip{6}tables:
ip6tables -t nat -A POSTROUTING -o ens3 -j SNAT --to-source 2a01:4f8:***:***::5
iptables -t nat -A POSTROUTING -o ens3 -j SNAT --to-source 5.9.***.***
table ip nat {
chain postrouting {
oif ens3 snat 5.9.***.***
}
}
table ip6 nat {
chain postrouting {
oif ens3 snat 2a01:4f8:***:***::5
}
}
table inet filter {
chain input {
type filter hook input priority 0; policy accept;
ct state { established, related} accept
ct state invalid drop
iifname "lo" accept
ip protocol icmp accept
ip6 nexthdr ipv6-icmp accept
tcp dport ssh accept
meta nfproto ipv4 reject
}
chain forward {
type filter hook forward priority 0; policy accept;
drop
}
chain output {
type filter hook output priority 0; policy accept;
}
}
