nftables dnat forwarding is not working properly [closed]

systemd iptables arch-linux nftables dnat

Good day,

I am currently migrating from iptables to nftables. The problem is my systemd containers are running behind NAT, but I want to forward ports like 443 or 80 to them. There is no error message when I use the following set of commands, but neither do I get to my web server when I use nftables.

Many thanks in advance.

With best regards, Felix

EDIT.: The problem was solved by the helpful comments. Thank you!


Here are some steps you can take:

  1. Type nat hook prerouting priority 0; <-Should be -100 (minus hundred) according to NF_IP_PRI_NAT_DST netfilter constant
  2. Use "meta nftrace set 1" in prerouting and "nft monitor" for debug you packet flow
  3. Simplest ruleset to isolate problem and make example

I also have not working dnat. From one iface all OK but from other not.

Packets enter prerouting, dnat accepted But nothing happens after this. "Conntrac -E" does not see these packages.

Related

Need confirmation on how iSCSI RAID storage works
Virtual iSCSI linux -- share as ISCSI ExFat, but have it go to XFS?
Clone disk with multiple partitions using dd
Why GCP overrides my /etc/resolv.conf file and how to avoid it?
How can i access my ip:my port [closed]
How to tag IPv4 and IPv6 packets with different VLAN tags on a Linux box?
Forcing server as idle as possible (all OSes, but possibly illumos too)
How to test RAM if memtest86 freezes?
apache fails to get remote host name
Dovecot submission protocol keeps getting turned back on after Debian upgrade
OpenDKIM reports "signing table references unknown key" (CentOS 8)
`Access Denied` for some files, when syncing buckets