#!/usr/sbin/nft -f # /etc/nftables.conf flush ruleset # Define variables for interfaces and IP addresses define LAN = eth1 define WAN = eth0 define LAN_SUBNET = 10.100.2.0/24 define WAN_IP = 45.139.163.92 table inet nat { chain prerouting { type nat hook prerouting priority 0; } chain postrouting { type nat hook postrouting priority 100; oifname $WAN masquerade; } chain output { type nat hook output priority -100; } } table inet filter { chain input { type filter hook input priority 0; } chain forward { type filter hook forward priority 0; # Forward LAN traffic to WAN iifname $LAN ip saddr $LAN_SUBNET oifname $WAN accept; } chain output { type filter hook output priority 0; } }