https://access.redhat.com/documentation/zh-cn/red_hat_enterprise_linux/8/html/securing_networks/configuring-nat-using-nftables_getting-started-with-nftables
#!/usr/sbin/nft -f
# Remove every existing table, chain and rule (all address families) before
# loading the definitions below, so this file becomes the complete ruleset.
# NOTE(review): this also discards rules that other tools may have installed
# (for example firewalld or a container runtime, if present on the host).
# Confirm nothing else is expected to manage nftables on this machine.
flush ruleset
# IPv4-only NAT table: one masquerade rule on the way out and an empty
# destination-NAT chain. The "ip" family means IPv6 traffic is not handled here.
table ip nat {
	# Attached to the prerouting hook at the destination-NAT priority.
	# It holds no rules, so no DNAT or port forwarding is configured.
	chain PREROUTING {
		type nat hook prerouting priority dstnat;
		policy accept;
	}

	# Attached to the postrouting hook at the source-NAT priority.
	chain POSTROUTING {
		type nat hook postrouting priority srcnat;
		policy accept;

		# Masquerade (rewrite the source to the outgoing interface's address)
		# packets that leave through eth0 and whose source address is NOT in
		# 10.0.0.0/8. Sources inside 10.0.0.0/8 leave eth0 untranslated.
		# NOTE(review): gateway rules more often match the internal range
		# positively (ip saddr 10.0.0.0/8); confirm the negation is intended.
		# After masquerading, downstream systems see only this host's address,
		# so keep flow/conntrack records here if per-client attribution matters.
		oifname "eth0" ip saddr != 10.0.0.0/8 masquerade
	}
}
# Dual-stack (IPv4 + IPv6) filter table. All three base chains are empty and
# use policy accept, so this table currently filters nothing: inbound,
# forwarded and outbound packets all pass.
# NOTE(review): the file starts with "flush ruleset", so no other nftables
# rules remain to restrict traffic. On a host that also performs NAT, the
# forward chain is where traffic between networks is normally limited; with no
# rules and policy accept, every packet the kernel routes is forwarded.
# Consider policy drop on input and forward with explicit allows (established
# and related connections, loopback, management access) before deploying this
# on an exposed host.
table inet filter {
	# Packets addressed to this host.
	chain input {
		type filter hook input priority filter;
		policy accept;
	}

	# Packets routed through this host.
	chain forward {
		type filter hook forward priority filter;
		policy accept;
	}

	# Packets generated by this host.
	chain output {
		type filter hook output priority filter;
		policy accept;
	}
}