ubuntu配置nftables规则(开机加载)

配置 /etc/nftables.conf，示例如下：

#!/usr/sbin/nft -f

# Removes every existing table before the ones below are loaded, so rules
# added by other tools (or by an earlier load of this file) do not pile up.
flush ruleset

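table ip filter {
        # Input chain: with no rules the explicit "policy accept" admits every
        # inbound packet (same as the implicit default the original relied on).
        # Tighten it only after adding accept rules for what this host must
        # expose (e.g. SSH and the WireGuard listen port), or it locks itself out.
        chain input {
                type filter hook input priority filter; policy accept;
        }
        # Forward chain: relay only tunnel traffic to the uplink and the replies
        # back. With "policy accept" and no rules the host would forward between
        # any pair of interfaces, including flows the nat table never masquerades.
        chain forward {
                type filter hook forward priority filter; policy drop;
                ct state invalid drop
                # new flows from the tunnel out to the uplink
                iifname "wg2" oifname "eth0" accept
                # replies to flows that were opened from wg2
                iifname "eth0" oifname "wg2" ct state established,related accept
        }
        chain output {
                type filter hook output priority filter; policy accept;
        }
}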
table ip nat {
        chain POSTROUTING {
                type nat hook postrouting priority srcnat; policy accept;
                # Source-NAT only the flows leaving the WireGuard tunnel (wg2)
                # towards the uplink (eth0); "counter" keeps per-rule packet/byte
                # statistics that show up in "nft list ruleset".
                # NOTE(review): the kernel must also have IP forwarding enabled
                # for these packets to reach postrouting — not shown on this
                # page, confirm via sysctl.
                iifname "wg2" oifname "eth0" counter masquerade
        }
}

# Enable the nftables unit so /etc/nftables.conf is loaded at boot.
# Check that the file parses first (nft -c -f /etc/nftables.conf); a syntax
# error would otherwise leave the host without these rules after the reboot.
systemctl enable nftables

然后重启系统
