Diffstat (limited to 'etc/nftables.conf')
-rw-r--r--etc/nftables.conf15
1 files changed, 15 insertions, 0 deletions
diff --git a/etc/nftables.conf b/etc/nftables.conf
index 1ec682d9..1fec22e2 100644
--- a/etc/nftables.conf
+++ b/etc/nftables.conf
@@ -39,6 +39,10 @@ table inet my_table {
type filter hook forward priority filter
policy drop
# Drop everything forwarded to us. We do not forward. That is routers job.
+
+ # needed for phantun
+ iifname pt0 accept
+ oifname pt0 accept
}
chain my_output {
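Review bot: The two rules added to the forward chain accept every packet that enters or leaves via pt0, which is wider than the phantun path needs, and they leave the context comment "We do not forward" stale. Consider scoping them to the uplinks the nat table masquerades on, e.g. `iifname "pt0" oifname { "enp3s0", "wlp2s0" } accept` for the outbound direction and `oifname "pt0" ct state established,related accept` for replies. The second form presumably suffices on the client side, since return traffic matches the conntrack entry created by the masquerade, but confirm it against your phantun setup. The comment could become `# Forward only phantun (pt0) traffic; everything else is dropped by policy.` The chain's opening line is outside this hunk.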
@@ -47,3 +51,14 @@ table inet my_table {
# Accept every outbound connection
}
}
+
+table inet nat {
+ # needed for phantun https://github.com/dndx/phantun
+ # note here is postrouting not prerouting, server side phantun config is prerouting instead
+ chain postrouting {
+ type nat hook postrouting priority srcnat
+ policy accept
+ iifname pt0 oif enp3s0 masquerade
+ iifname pt0 oif wlp2s0 masquerade
+ }
+}
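Review bot: `oif enp3s0` and `oif wlp2s0` match by interface index, which nft resolves when the file is loaded, so the load fails if either interface does not exist at that moment (a wireless or hot-plugged NIC at boot is the usual case). Depending on how this file is applied, a failed load may leave the filter table above unloaded as well. Matching by name avoids that and folds the two rules into one: `iifname "pt0" oifname { "enp3s0", "wlp2s0" } masquerade`. If the address on the pt0 side is fixed, adding an `ip saddr` match for it would keep the rule from masquerading anything else that arrives on pt0.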