2024-04-20 02:19:43 +00:00
|
|
|
nft \
|
|
|
|
-ae insert \
|
|
|
|
rule \
|
|
|
|
ip \
|
2024-04-29 18:06:55 +00:00
|
|
|
libvirt_network \
|
2024-04-29 18:21:14 +00:00
|
|
|
guest_output \
|
2024-05-23 03:13:33 +00:00
|
|
|
iif \
|
2024-04-20 02:19:43 +00:00
|
|
|
virbr0 \
|
|
|
|
counter \
|
|
|
|
reject
|
|
|
|
nft \
|
|
|
|
-ae insert \
|
|
|
|
rule \
|
|
|
|
ip \
|
2024-04-29 18:06:55 +00:00
|
|
|
libvirt_network \
|
2024-04-29 18:21:14 +00:00
|
|
|
guest_input \
|
2024-05-23 03:13:33 +00:00
|
|
|
oif \
|
2024-04-20 02:19:43 +00:00
|
|
|
virbr0 \
|
|
|
|
counter \
|
|
|
|
reject
|
|
|
|
nft \
|
|
|
|
-ae insert \
|
|
|
|
rule \
|
|
|
|
ip \
|
2024-04-29 18:06:55 +00:00
|
|
|
libvirt_network \
|
2024-04-29 18:21:14 +00:00
|
|
|
guest_cross \
|
2024-05-23 03:13:33 +00:00
|
|
|
iif \
|
2024-04-20 02:19:43 +00:00
|
|
|
virbr0 \
|
2024-05-23 03:13:33 +00:00
|
|
|
oif \
|
2024-04-20 02:19:43 +00:00
|
|
|
virbr0 \
|
|
|
|
counter \
|
|
|
|
accept
|
|
|
|
nft \
|
|
|
|
-ae insert \
|
|
|
|
rule \
|
|
|
|
ip6 \
|
2024-04-29 18:06:55 +00:00
|
|
|
libvirt_network \
|
2024-04-29 18:21:14 +00:00
|
|
|
guest_output \
|
2024-05-23 03:13:33 +00:00
|
|
|
iif \
|
2024-04-20 02:19:43 +00:00
|
|
|
virbr0 \
|
|
|
|
counter \
|
|
|
|
reject
|
|
|
|
nft \
|
|
|
|
-ae insert \
|
|
|
|
rule \
|
|
|
|
ip6 \
|
2024-04-29 18:06:55 +00:00
|
|
|
libvirt_network \
|
2024-04-29 18:21:14 +00:00
|
|
|
guest_input \
|
2024-05-23 03:13:33 +00:00
|
|
|
oif \
|
2024-04-20 02:19:43 +00:00
|
|
|
virbr0 \
|
|
|
|
counter \
|
|
|
|
reject
|
|
|
|
nft \
|
|
|
|
-ae insert \
|
|
|
|
rule \
|
|
|
|
ip6 \
|
2024-04-29 18:06:55 +00:00
|
|
|
libvirt_network \
|
2024-04-29 18:21:14 +00:00
|
|
|
guest_cross \
|
2024-05-23 03:13:33 +00:00
|
|
|
iif \
|
2024-04-20 02:19:43 +00:00
|
|
|
virbr0 \
|
2024-05-23 03:13:33 +00:00
|
|
|
oif \
|
2024-04-20 02:19:43 +00:00
|
|
|
virbr0 \
|
|
|
|
counter \
|
|
|
|
accept
|
|
|
|
nft \
|
|
|
|
-ae insert \
|
|
|
|
rule \
|
|
|
|
ip \
|
2024-04-29 18:06:55 +00:00
|
|
|
libvirt_network \
|
2024-04-29 18:21:14 +00:00
|
|
|
guest_output \
|
2024-04-20 02:19:43 +00:00
|
|
|
ip \
|
|
|
|
saddr \
|
|
|
|
192.168.122.0/24 \
|
2024-05-23 03:13:33 +00:00
|
|
|
iif \
|
2024-04-20 02:19:43 +00:00
|
|
|
virbr0 \
|
|
|
|
counter \
|
|
|
|
accept
|
|
|
|
nft \
|
|
|
|
-ae insert \
|
|
|
|
rule \
|
|
|
|
ip \
|
2024-04-29 18:06:55 +00:00
|
|
|
libvirt_network \
|
2024-04-29 18:21:14 +00:00
|
|
|
guest_input \
|
2024-05-23 03:13:33 +00:00
|
|
|
oif \
|
2024-04-20 02:19:43 +00:00
|
|
|
virbr0 \
|
|
|
|
ip \
|
|
|
|
daddr \
|
|
|
|
192.168.122.0/24 \
|
|
|
|
ct \
|
|
|
|
state \
|
|
|
|
related,established \
|
|
|
|
counter \
|
|
|
|
accept
|
|
|
|
nft \
|
|
|
|
-ae insert \
|
|
|
|
rule \
|
|
|
|
ip \
|
2024-04-29 18:06:55 +00:00
|
|
|
libvirt_network \
|
2024-04-29 18:21:14 +00:00
|
|
|
guest_nat \
|
2024-04-20 02:19:43 +00:00
|
|
|
ip \
|
|
|
|
saddr \
|
|
|
|
192.168.122.0/24 \
|
|
|
|
ip \
|
|
|
|
daddr \
|
|
|
|
'!=' \
|
|
|
|
192.168.122.0/24 \
|
|
|
|
counter \
|
|
|
|
masquerade
|
|
|
|
nft \
|
|
|
|
-ae insert \
|
|
|
|
rule \
|
|
|
|
ip \
|
2024-04-29 18:06:55 +00:00
|
|
|
libvirt_network \
|
2024-04-29 18:21:14 +00:00
|
|
|
guest_nat \
|
2024-04-20 02:19:43 +00:00
|
|
|
meta \
|
|
|
|
l4proto \
|
|
|
|
udp \
|
|
|
|
ip \
|
|
|
|
saddr \
|
|
|
|
192.168.122.0/24 \
|
|
|
|
ip \
|
|
|
|
daddr \
|
|
|
|
'!=' \
|
|
|
|
192.168.122.0/24 \
|
|
|
|
counter \
|
|
|
|
masquerade \
|
|
|
|
to \
|
|
|
|
:1024-65535
|
|
|
|
nft \
|
|
|
|
-ae insert \
|
|
|
|
rule \
|
|
|
|
ip \
|
2024-04-29 18:06:55 +00:00
|
|
|
libvirt_network \
|
2024-04-29 18:21:14 +00:00
|
|
|
guest_nat \
|
2024-04-20 02:19:43 +00:00
|
|
|
meta \
|
|
|
|
l4proto \
|
|
|
|
tcp \
|
|
|
|
ip \
|
|
|
|
saddr \
|
|
|
|
192.168.122.0/24 \
|
|
|
|
ip \
|
|
|
|
daddr \
|
|
|
|
'!=' \
|
|
|
|
192.168.122.0/24 \
|
|
|
|
counter \
|
|
|
|
masquerade \
|
|
|
|
to \
|
|
|
|
:1024-65535
|
|
|
|
nft \
|
|
|
|
-ae insert \
|
|
|
|
rule \
|
|
|
|
ip \
|
2024-04-29 18:06:55 +00:00
|
|
|
libvirt_network \
|
2024-04-29 18:21:14 +00:00
|
|
|
guest_nat \
|
2024-04-20 02:19:43 +00:00
|
|
|
ip \
|
|
|
|
saddr \
|
|
|
|
192.168.122.0/24 \
|
|
|
|
ip \
|
|
|
|
daddr \
|
|
|
|
255.255.255.255/32 \
|
|
|
|
counter \
|
|
|
|
return
|
|
|
|
nft \
|
|
|
|
-ae insert \
|
|
|
|
rule \
|
|
|
|
ip \
|
2024-04-29 18:06:55 +00:00
|
|
|
libvirt_network \
|
2024-04-29 18:21:14 +00:00
|
|
|
guest_nat \
|
2024-04-20 02:19:43 +00:00
|
|
|
ip \
|
|
|
|
saddr \
|
|
|
|
192.168.122.0/24 \
|
|
|
|
ip \
|
|
|
|
daddr \
|
|
|
|
224.0.0.0/24 \
|
|
|
|
counter \
|
|
|
|
return
|
|
|
|
nft \
|
|
|
|
-ae insert \
|
|
|
|
rule \
|
|
|
|
ip6 \
|
2024-04-29 18:06:55 +00:00
|
|
|
libvirt_network \
|
2024-04-29 18:21:14 +00:00
|
|
|
guest_output \
|
2024-04-20 02:19:43 +00:00
|
|
|
ip6 \
|
|
|
|
saddr \
|
|
|
|
2001:db8:ca2:2::/64 \
|
2024-05-23 03:13:33 +00:00
|
|
|
iif \
|
2024-04-20 02:19:43 +00:00
|
|
|
virbr0 \
|
|
|
|
counter \
|
|
|
|
accept
|
|
|
|
nft \
|
|
|
|
-ae insert \
|
|
|
|
rule \
|
|
|
|
ip6 \
|
2024-04-29 18:06:55 +00:00
|
|
|
libvirt_network \
|
2024-04-29 18:21:14 +00:00
|
|
|
guest_input \
|
2024-04-20 02:19:43 +00:00
|
|
|
ip6 \
|
|
|
|
daddr \
|
|
|
|
2001:db8:ca2:2::/64 \
|
2024-05-23 03:13:33 +00:00
|
|
|
oif \
|
2024-04-20 02:19:43 +00:00
|
|
|
virbr0 \
|
|
|
|
counter \
|
|
|
|
accept
|