NAT Loopback not working with NFTables

Hi everyone,
I’m running version 7.1.3 on a Turris Omnia.
I’m trying to convert my reflection iptables rules to nftables.
I have a web server in a DMZ at 172.20.1.100, and the clients are located in the LAN 192.168.1.0/24.
I used a separate table to avoid mistakes.

What’s wrong?

table ip test {
	chain reflect2 {
		type nat hook postrouting priority 100; policy accept;
		ip saddr 192.168.1.0/24 ip daddr 172.20.1.100 snat to 192.168.1.1
	}

	chain reflect1 {
		type nat hook prerouting priority -100; policy accept;
		ip saddr 192.168.1.0/24 ip daddr 1.1.1.1 tcp dport 443 dnat to 172.20.1.100:443
	}
}

The syntax is correct, but it’s not working …

I don’t think this is correct in the second rule, reflect1:
"ip daddr 1.1.1.1 "

Yes, you’re right, I just replaced my own public IP with this one …one.one …