Chilli and nftables

Hi,

in my chilli config I have 2 files that are called:

/etc/chilli/ipup.sh

if [ "$(iptables -L -v -n --line-numbers -t nat | grep MASQUERADE | grep -c $HS_WANIF)" -eq "0" ]; then
  iptables -I POSTROUTING -t nat -o $HS_WANIF -j MASQUERADE
fi

if [ $(which ethtool) ]; then
  ethtool -K br-wifi gso off gro off tso off
  ethtool -K chilli gso off gro off tso off
  ethtool -K cpwlan0 gso off gro off tso off
fi

/etc/chilli/ipdown.sh

iptables -I POSTROUTING -t nat -o $HS_WANIF -j MASQUERADE

Even the default scripts that chilli uses has IPT rules and not NFT.
Does anyone have any solutions?

Best regards,
Michele Salerno

You need to replace nftables kmods for xtables and use iptables-nft via compat layer, coova module itself is not compatible with nftables nat/masquerade.

1 Like

Dictionary is xt->nf but you can reverse it.
https://wiki.nftables.org/wiki-nftables/index.php/Supported_features_compared_to_xtables

1 Like