libvirt/tests/networkxml2firewalldata/nat-many-ips-linux.nftables

nft \
-ae insert \
rule \
ip \
libvirt_network \
guest_output \
iif \
virbr0 \
counter \
reject
nft \
-ae insert \
rule \
ip \
libvirt_network \
guest_input \
oif \
virbr0 \
counter \
reject
nft \
-ae insert \
rule \
ip \
libvirt_network \
guest_cross \
iif \
virbr0 \
oif \
virbr0 \
counter \
accept
nft \
-ae insert \
rule \
ip \
libvirt_network \
guest_output \
ip \
saddr \
192.168.122.0/24 \
iif \
virbr0 \
counter \
accept
nft \
-ae insert \
rule \
ip \
libvirt_network \
guest_input \
oif \
virbr0 \
ip \
daddr \
192.168.122.0/24 \
ct \
state \
related,established \
counter \
accept
nft \
-ae insert \
rule \
ip \
libvirt_network \
guest_nat \
ip \
saddr \
192.168.122.0/24 \
ip \
daddr \
'!=' \
192.168.122.0/24 \
counter \
masquerade
nft \
-ae insert \
rule \
ip \
libvirt_network \
guest_nat \
meta \
l4proto \
udp \
ip \
saddr \
192.168.122.0/24 \
ip \
daddr \
'!=' \
192.168.122.0/24 \
counter \
masquerade \
to \
:1024-65535
nft \
-ae insert \
rule \
ip \
libvirt_network \
guest_nat \
meta \
l4proto \
tcp \
ip \
saddr \
192.168.122.0/24 \
ip \
daddr \
'!=' \
192.168.122.0/24 \
counter \
masquerade \
to \
:1024-65535
nft \
-ae insert \
rule \
ip \
libvirt_network \
guest_nat \
ip \
saddr \
192.168.122.0/24 \
ip \
daddr \
255.255.255.255/32 \
counter \
return
nft \
-ae insert \
rule \
ip \
libvirt_network \
guest_nat \
ip \
saddr \
192.168.122.0/24 \
ip \
daddr \
224.0.0.0/24 \
counter \
return
nft \
-ae insert \
rule \
ip \
libvirt_network \
guest_output \
ip \
saddr \
192.168.128.0/24 \
iif \
virbr0 \
counter \
accept
nft \
-ae insert \
rule \
ip \
libvirt_network \
guest_input \
oif \
virbr0 \
ip \
daddr \
192.168.128.0/24 \
ct \
state \
related,established \
counter \
accept
nft \
-ae insert \
rule \
ip \
libvirt_network \
guest_nat \
ip \
saddr \
192.168.128.0/24 \
ip \
daddr \
'!=' \
192.168.128.0/24 \
counter \
masquerade
nft \
-ae insert \
rule \
ip \
libvirt_network \
guest_nat \
meta \
l4proto \
udp \
ip \
saddr \
192.168.128.0/24 \
ip \
daddr \
'!=' \
192.168.128.0/24 \
counter \
masquerade \
to \
:1024-65535
nft \
-ae insert \
rule \
ip \
libvirt_network \
guest_nat \
meta \
l4proto \
tcp \
ip \
saddr \
192.168.128.0/24 \
ip \
daddr \
'!=' \
192.168.128.0/24 \
counter \
masquerade \
to \
:1024-65535
nft \
-ae insert \
rule \
ip \
libvirt_network \
guest_nat \
ip \
saddr \
192.168.128.0/24 \
ip \
daddr \
255.255.255.255/32 \
counter \
return
nft \
-ae insert \
rule \
ip \
libvirt_network \
guest_nat \
ip \
saddr \
192.168.128.0/24 \
ip \
daddr \
224.0.0.0/24 \
counter \
return
nft \
-ae insert \
rule \
ip \
libvirt_network \
guest_output \
ip \
saddr \
192.168.150.0/24 \
iif \
virbr0 \
counter \
accept
nft \
-ae insert \
rule \
ip \
libvirt_network \
guest_input \
oif \
virbr0 \
ip \
daddr \
192.168.150.0/24 \
ct \
state \
related,established \
counter \
accept
nft \
-ae insert \
rule \
ip \
libvirt_network \
guest_nat \
ip \
saddr \
192.168.150.0/24 \
ip \
daddr \
'!=' \
192.168.150.0/24 \
counter \
masquerade
nft \
-ae insert \
rule \
ip \
libvirt_network \
guest_nat \
meta \
l4proto \
udp \
ip \
saddr \
192.168.150.0/24 \
ip \
daddr \
'!=' \
192.168.150.0/24 \
counter \
masquerade \
to \
:1024-65535
nft \
-ae insert \
rule \
ip \
libvirt_network \
guest_nat \
meta \
l4proto \
tcp \
ip \
saddr \
192.168.150.0/24 \
ip \
daddr \
'!=' \
192.168.150.0/24 \
counter \
masquerade \
to \
:1024-65535
nft \
-ae insert \
rule \
ip \
libvirt_network \
guest_nat \
ip \
saddr \
192.168.150.0/24 \
ip \
daddr \
255.255.255.255/32 \
counter \
return
nft \
-ae insert \
rule \
ip \
libvirt_network \
guest_nat \
ip \
saddr \
192.168.150.0/24 \
ip \
daddr \
224.0.0.0/24 \
counter \
return