@@ -423,7 +423,7 @@ Chains of this type perform Native Address Translation based on conntrack
entries. Only the first packet of a connection actually traverses this chain -
its rules usually define details of the created conntrack entry (NAT
statements for instance).
-|route | ip, ip6 | output |
+|route | ip, ip6, inet | output |
If a packet has traversed a chain of this type and is about to be accepted, a
new route lookup is performed if relevant parts of the IP header have changed.
This allows one to e.g. implement policy routing selectors in nftables.
@@ -56,7 +56,7 @@ set ip DSCP (diffserv) header field or ipv6 flow labels.
---------------------------------------
# redirect tcp:http from 192.160.0.0/16 to local machine for routing instead of bridging
# assumes 00:11:22:33:44:55 is local MAC address.
-bridge input meta iif eth0 ip saddr 192.168.0.0/16 tcp dport 80 meta pkttype set unicast ether daddr set 00:11:22:33:44:55
+bridge input meta iif eth0 ip saddr 192.168.0.0/16 tcp dport 80 meta pkttype set host ether daddr set 00:11:22:33:44:55
-------------------------------------------
.Set IPv4 DSCP header field
inet family supports route type. unicast pkttype changed to host pkttype. Signed-off-by: 谢致邦 (XIE Zhibang) <Yeking@Red54.com> --- doc/nft.txt | 2 +- doc/statements.txt | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-)