Should be "tap0" not "eth0" (of course). Sorry about that.
On Sun, Aug 20, 2023 at 08:47:48PM +1000, Ralph Ronnquist wrote:
> Ah, I forgot the "bring it up" command; you could verify this with
>
> # ipconfig -a
>
> That will present all interfaces; those that are down as well as those
> that are up.
>
> The additional command is:
>
> # ip link set dev eth0 up
>
> .. usually to be done after adding it and setting its IP address, but
> can be done after IP configuration as well.
>
> Ralph.
>
> You could verify beforhand with
>
> On Sun, Aug 20, 2023 at 12:27:30PM +0200, Mario Marietto wrote:
> > Finally,after a lot of kernel recompilations,I've been able to issue all
> > the commands suggested some time ago by @Ralph Ronnquist without getting
> > errors :
> >
> > # ip tuntap add tap0 mode tap
> > ok
> >
> > # ip address add 10.0.2.1/24 dev tap0
> > ok
> >
> > # sysctl net.ipv4.ip_forward=1
> > ok
> >
> > # net.ipv4.ip_forward = 1
> > ok
> >
> > # iptables -t nat -A POSTROUTING -o mlan0 -j MASQUERADE
> > ok
> >
> > Now,the problem is that I don't see any tap0 interface :
> >
> > # ifconfig
> >
> > docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
> > inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
> > ether 02:42:c9:04:eb:64 txqueuelen 0 (Ethernet)
> > RX packets 0 bytes 0 (0.0 B)
> > RX errors 0 dropped 0 overruns 0 frame 0
> > TX packets 0 bytes 0 (0.0 B)
> > TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
> >
> > lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
> > inet 127.0.0.1 netmask 255.0.0.0
> > inet6 ::1 prefixlen 128 scopeid 0x10<host>
> > loop txqueuelen 1000 (Local Loopback)
> > RX packets 49 bytes 5414 (5.2 KiB)
> > RX errors 0 dropped 0 overruns 0 frame 0
> > TX packets 49 bytes 5414 (5.2 KiB)
> > TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
> >
> > mlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
> > inet 192.168.1.6 netmask 255.255.255.0 broadcast 192.168.1.255
> > inet6 fe80::a200:9c1a:7783:969f prefixlen 64 scopeid 0x20<link>
> > ether 60:21:c0:e9:44:63 txqueuelen 1000 (Ethernet)
> > RX packets 264 bytes 31934 (31.1 KiB)
> > RX errors 0 dropped 0 overruns 0 frame 0
> > TX packets 237 bytes 33545 (32.7 KiB)
> > TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
> >
> > Is this normal ?
> >
> > On Thu, Aug 17, 2023 at 3:15 PM Mario Marietto <marietto2008@???>
> > wrote:
> >
> > > Can someone help me,please,to understand how to fix it ?
> > >
> > > loziomario <https://www.reddit.com/user/loziomario/> :
> > >
> > > root@devuan:~# nft add table nat
> > >
> > > root@devuan:~# nft 'add chain nat postrouting { type nat hook postrouting
> > > priority 100 ; }'
> > >
> > > Error: Could not process rule: No such file or directory
> > >
> > > deeseearr <https://www.reddit.com/user/deeseearr/> :
> > >
> > > Your table has no family.
> > >
> > > You are also trying to add a chain to a table called "postrouting" in the
> > > "nat" family, which does not exist.
> > >
> > > All of your other rules are part of the "ip" family so this one should be
> > > roo.
> > >
> > > On Wed, Aug 16, 2023 at 9:33 PM Mario Marietto <marietto2008@???>
> > > wrote:
> > >
> > >> I've created a post on Reddit :
> > >>
> > >> https://www.reddit.com/r/devuan/comments/15swwij/neither_iptables_nor_nftable_are_working_for_me/
> > >>
> > >> where I tried to explain what my problem is. Unfortunately no one replied right now.
> > >>
> > >>
> > >> On Wed, Aug 16, 2023 at 7:13 PM Mario Marietto <marietto2008@???>
> > >> wrote:
> > >>
> > >>> They also suggest to check these kernel parameters :
> > >>>
> > >>> root@devuan:~# grep CONFIG_NF_TABLES_INET= /boot/config-`uname -r`
> > >>> CONFIG_NF_TABLES_INET=y
> > >>>
> > >>> root@devuan:~# grep CONFIG_NFT_COUNTER= /boot/config-`uname -r`
> > >>> CONFIG_NFT_COUNTER=y
> > >>>
> > >>> root@devuan:~# grep CONFIG_NFT_OBJREF= /boot/config-`uname -r`
> > >>> CONFIG_NFT_OBJREF=y
> > >>>
> > >>> but they seem correct,right ?
> > >>>
> > >>>
> > >>> On Wed, Aug 16, 2023 at 7:04 PM Mario Marietto <marietto2008@???>
> > >>> wrote:
> > >>>
> > >>>> Reading from here : https://unix.stackexchange.com/questions/537912/nftables-rule-no-such-file-or-directory-error
> > >>>>
> > >>>> I tried to do the following :
> > >>>>
> > >>>> root@devuan:~# nft add table ip filter
> > >>>>
> > >>>> root@devuan:~# nft add chain ip filter INPUT { type filter hook input priority 0 \; } # create chain
> > >>>> root@devuan:~# nft add rule ip nat POSTROUTING oifname "mlan0" counter masquerade
> > >>>> Error: Could not process rule: No such file or directory
> > >>>> add rule ip nat POSTROUTING oifname mlan0 counter masquerade
> > >>>> ^^^
> > >>>>
> > >>>> root@devuan:~# nft list ruleset
> > >>>> table ip filter {
> > >>>> chain INPUT {
> > >>>> type filter hook input priority filter; policy accept;
> > >>>> }
> > >>>> }
> > >>>>
> > >>>>
> > >>>>
> > >>>> On Wed, Aug 16, 2023 at 6:58 PM Mario Marietto <marietto2008@???>
> > >>>> wrote:
> > >>>>
> > >>>>> root@devuan:~# iptables-translate -t nat -A POSTROUTING -o eth0 -j
> > >>>>> MASQUERADE
> > >>>>> nft add rule ip nat POSTROUTING oifname "eth0" counter masquerade
> > >>>>>
> > >>>>> root@devuan:~# ifconfig
> > >>>>>
> > >>>>> lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
> > >>>>> inet 127.0.0.1 netmask 255.0.0.0
> > >>>>> inet6 ::1 prefixlen 128 scopeid 0x10<host>
> > >>>>> loop txqueuelen 1000 (Local Loopback)
> > >>>>> RX packets 28 bytes 3449 (3.3 KiB)
> > >>>>> RX errors 0 dropped 0 overruns 0 frame 0
> > >>>>> TX packets 28 bytes 3449 (3.3 KiB)
> > >>>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
> > >>>>>
> > >>>>> mlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
> > >>>>> inet 192.168.1.6 netmask 255.255.255.0 broadcast
> > >>>>> 192.168.1.255
> > >>>>> inet6 fe80::47b1:6a1e:c9a8:5e73 prefixlen 64 scopeid
> > >>>>> 0x20<link>
> > >>>>> ether 50:22:c1:e9:44:63 txqueuelen 1000 (Ethernet)
> > >>>>> RX packets 656 bytes 59350 (57.9 KiB)
> > >>>>> RX errors 0 dropped 0 overruns 0 frame 0
> > >>>>> TX packets 351 bytes 35970 (35.1 KiB)
> > >>>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
> > >>>>>
> > >>>>> root@devuan:~# nft add rule ip nat POSTROUTING oifname "mlan0"
> > >>>>> counter masquerade
> > >>>>>
> > >>>>> Error: Could not process rule: No such file or directory
> > >>>>> add rule ip nat POSTROUTING oifname mlan0 counter masquerade
> > >>>>> ^^^
> > >>>>>
> > >>>>>
> > >>>>>
> > >>>>> On Wed, Aug 16, 2023 at 1:03 PM wirelessduck--- via Dng <
> > >>>>> dng@???> wrote:
> > >>>>>
> > >>>>>>
> > >>>>>>
> > >>>>>> > On 16 Aug 2023, at 20:13, Mario Marietto <marietto2008@???>
> > >>>>>> wrote:
> > >>>>>> >
> > >>>>>> >
> > >>>>>> > It's too much out of my knowledge. I'm not able to understand
> > >>>>>> what's the correct syntax to use.
> > >>>>>>
> > >>>>>> The manpage for iptables-translate says it takes the same arguments
> > >>>>>> as iptables. You can try:
> > >>>>>>
> > >>>>>> iptables-translate -t nat -A POSTROUTING -o eth0 -j MASQUERADE
> > >>>>>>
> > >>>>>> and that should output the equivalent nftables command. I don’t have
> > >>>>>> a terminal here to try that myself right now.
> > >>>>>>
> > >>>>>> Tom
> > >>>>>> _______________________________________________
> > >>>>>> Dng mailing list
> > >>>>>> Dng@???
> > >>>>>> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
> > >>>>>>
> > >>>>>
> > >>>>>
> > >>>>> --
> > >>>>> Mario.
> > >>>>>
> > >>>>
> > >>>>
> > >>>> --
> > >>>> Mario.
> > >>>>
> > >>>
> > >>>
> > >>> --
> > >>> Mario.
> > >>>
> > >>
> > >>
> > >> --
> > >> Mario.
> > >>
> > >
> > >
> > > --
> > > Mario.
> > >
> >
> >
> > --
> > Mario.
> _______________________________________________
> Dng mailing list
> Dng@???
> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng