How to do masquerade using nftables in openwrt 23

Hi everyone, could anyone help me to convert the following iptables rule into a compatible persistent nftables rule for OpenWrt?

iptables -t nat -A POSTROUTING -s 192.168.11.17 -d 10.1.2.3 -o br-iot -j MASQUERADE

Thanks!

ip nat POSTROUTING oifname "br-iot" ip saddr 192.168.11.17 ip daddr 10.1.2.3 counter masquerade 

There's a useful command called "iptables-translate" that will translate iptables rules into nft rules, if possible.

iptables-translate -t nat -A POSTROUTING -s 192.168.11.17 -d 10.1.2.3 -o br-iot -j MASQUERADE
nft 'add rule ip nat POSTROUTING oifname "br-iot" ip saddr 192.168.11.17 ip daddr 10.1.2.3 counter masquerade'

Run

nft list ruleset

You will find the masquerade rule in a hook stemming from the fw4 checkbox by default.
You can duplicate the hook with a new rule in /etc/nftables.d/*nft or add checkboxes to interfaces hiding bigger networks.

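A persistent form of the translated rule, as an added example that is not part of any post in this thread. It assumes stock fw4, which includes the files in /etc/nftables.d/ inside its own "table inet fw4" block; the file name and the chain name iot_masq are hypothetical.

```nftables
# /etc/nftables.d/20-iot-masq.nft  (hypothetical file name)
# Assumption: stock fw4 on OpenWrt 23.05, which includes every *.nft file in
# /etc/nftables.d/ inside its own "table inet fw4 { ... }" block, so this
# file holds only a chain definition and no table wrapper.

# "iot_masq" is a hypothetical chain name, chosen not to clash with fw4's
# own chains (fw4 already defines one called "srcnat").
chain iot_masq {
    # Same hook as the iptables POSTROUTING chain. Priority "srcnat - 1"
    # evaluates this chain just before fw4's own source NAT chain.
    type nat hook postrouting priority srcnat - 1; policy accept;

    # The table is family inet, so "ip saddr"/"ip daddr" restrict the rule
    # to IPv4. Only this one host-to-host flow leaving br-iot is rewritten.
    oifname "br-iot" ip saddr 192.168.11.17 ip daddr 10.1.2.3 counter masquerade
}
```

After saving the file, restart the firewall (service firewall restart) and check that the chain and its counter show up in the output of nft list ruleset.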
