homemade_firewall/nat.nft

13 lines
285 B
Plaintext
Raw Normal View History

table nat {
chain prerouting {
type nat hook prerouting priority 0;
comment "this is necessary even if empty";
}
chain postrouting {
type nat hook postrouting priority 100;
comment "enable NAT for VPN";
iifname "tun0" oifname "eth0" ip saddr $VPN_SUBNET masquerade;
}
}