On 8/20/25 11:39, S Egbert wrote:
Take the following NFT snippet:
add table ip table_id # imperative
add chain ip table_id chain_id # imperative???
table ip table_id {
chain chain_id { # declarative
type nat hook input priority 0; policy drop;
ip daddr 192.168.1.100 dnat to 192.168.1.200;
};
};
Fails with:
add-chain.tp.nft:6:9-38: Error: Chain of type "nat" is not
supported, perhaps kernel support is missing?
type nat hook input priority 0; policy drop;
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
I believe the issue is that ``type nat`` is a table type than a chain
type, so it appears that you have that part of the declaration in the
wrong place (the policy portion is indeed for a chain.)
--
GF
