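#!/usr/sbin/nft -f

# Port forwarding from the 192.168.2.0/24 side to the Nextcloud VM
# (192.168.122.2) behind the virbr0 bridge. Loading this file replaces the
# whole "libvirt-nat" table.

# Remove any previous copy of the table so the file can be reloaded.
# NOTE(review): "destroy" (delete without failing when the table is absent)
# needs a fairly recent nftables and kernel - confirm the target host has it.
destroy table ip libvirt-nat

##
## TODO
##

table ip libvirt-nat {
    chain FORWARD {
        type filter hook forward priority filter - 10

        # With policy accept this chain never restricts anything by itself:
        # the accept rules below only count packets. An accept verdict here
        # also does not stop a later base chain on the forward hook from
        # dropping the same packet, whereas the drop below is final.
        policy accept

        # Drop packets conntrack cannot associate with a valid connection.
        # This applies to every forwarded packet on the host, not only to
        # virbr0 traffic.
        ct state invalid counter drop

        # Accept packets related to existing connections
        ct state { established, related } counter accept

        # New connections to the Nextcloud VM on the forwarded ports.
        # The address is the single DNAT target: the previous
        # "192.168.122.2/24" is a prefix and covers the whole
        # 192.168.122.0/24 network, which would admit every guest on virbr0
        # if the policy above is ever changed to drop.
        oifname "virbr0" ip daddr 192.168.122.2 tcp dport { 80, 9090 } ct state { new } counter accept
    }

    chain Pre-Routing {
        type nat hook prerouting priority dstnat - 10
        policy accept

        # NOTE(review): both rules match any destination inside
        # 192.168.2.0/24, not only this host's own address, and place no
        # limit on the source. If this host ever routes for that network,
        # traffic meant for other machines is rewritten too - consider
        # matching the host address explicitly.

        # Redirect HTTP connections to the Nextcloud VM
        # NOTE(review): only cleartext port 80 is forwarded; confirm TLS is
        # terminated somewhere before Nextcloud credentials cross the LAN.
        iifname != "virbr0" ip daddr 192.168.2.0/24 tcp dport 80 counter dnat to 192.168.122.2

        # Redirect Cockpit connections to the Nextcloud VM
        # (external port 9091 -> Cockpit on 9090). Cockpit is an
        # administrative console: consider adding an "ip saddr" match that
        # limits this rule to the management hosts.
        iifname != "virbr0" ip daddr 192.168.2.0/24 tcp dport 9091 counter dnat to 192.168.122.2:9090
    }
}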