我需要使用nftables, 而不是iptables.
如何将以下内容转换为nftables格式而不是iptables?
sysctl net.ipv4.ip_forward=1
iptables -t nat -A PREROUTING -p tcp --dport 22 -j DNAT --to-destination "y.y.y.y"
iptables -t nat -A PREROUTING -j DNAT --to-destination "z.z.z.z"
iptables -t nat -A POSTROUTING -j MASQUERADE
答案1
这应该做你想要的:
sysctl net.ipv4.ip_forward=1
nft add rule nat prerouting tcp dport 22 dnat y.y.y.y
nft add rule nat prerouting dnat z.z.z.z
nft add rule nat postrouting masquerade