iptables-like NETMAP with nftables

Question

using nftables, I need to NAT an entire subnet to another one for example:

10.10.10.1 -> 10.200.0.1
10.10.10.2 -> 10.200.0.2
...
10.10.10.X -> 10.200.0.X

nftables docs here shows multiple NATs in one line, but how can I manage that use case if my subnet is /24 or bigger? Do I have to list hundreds of addresses manually?

I've looked documentation and examples but didn't found a solution.

Than you very much in advance.

Regards.

score 1 · Accepted Answer · answered May 18 '20 at 15:34

1

For now you can do it with bitwise operation:

ip saddr 10.10.10.0/24 snat to ip saddr & 255.0.0.255 | 0.200.0.0

"Proper" support is already in git.

answered May 18 '20 at 15:34

Tom Yan

715
2
9

iptables-like NETMAP with nftables

1 Answers1