Add instructions how to use this feature for VyOS

[sever-sever]

It would be a good idea to add instructions on how to use it for VyOS.
Does it work if we install packages into the installed system, or should those packages be added to the /packages during a build?
What to do after installation?
Which modules have to be loaded and which nft commands are available with this feature?

[debiansid]

You can add them when you build iso or install them after your installation.

[sever-sever]

You can add them when you build iso or install them after your installation.

@debiansid Any docs about configuring the feature?
Thanks!

[debiansid]

Chion82/netfilter-full-cone-nat#42

[debiansid]

When I was using iptables I add this into  vyos-postconfig-bootup.script

##############################################
# FULLCONENAT Rules
iptables-legacy -t nat -I POSTROUTING -o pppoe0 -j F
ULLCONENAT
iptables-legacy -t nat -I PREROUTING -i pppoe0 -j FU
LLCONENAT
iptables-legacy -t nat -I PREROUTING -i eth0 -j FULL
CONENAT

[debiansid]

nftables like this

gw:/etc/nftables.d$ more fw4.nft
table inet fw4
delete table inet fw4

        table inet fw4 {
        chain dstnat {
                type nat hook prerouting priority dstnat; policy accept;
                iifname "ppp0" jump dstnat_wan
        }

        chain srcnat {
                type nat hook postrouting priority srcnat; policy accept;
                oifname "ppp0" jump srcnat_wan
        }

        chain srcnat_wan {
                fullcone
        }

        chain dstnat_wan {
                fullcone
        }
}

[debiansid]

You can add them when you build iso or install them after your installation.

@debiansid Any docs about configuring the feature? Thanks!

Remember to patch your kernel like mine https://github.com/ruaue/vyos-kernel-rolling