firewall/config/networks/nerim.nft

table inet firewall {

	map port_forwarding_tcp {
		type inet_proto . inet_service: verdict
		elements = {
			tcp . 23456: jump fwd_yann_minecraft,
			tcp . 22222: jump fwd_fabien_pathier,
		}
	}

	chain fwd_yann_minecraft{
		# Serveur minecraft Yann
		ip version 4 ip protocol tcp dnat to 10.2.4.29:23456
	}

	chain fwd_fabien_pathier{
		# Machine de Fabien Pathier accessible en SSH depuis l'extérieur
		ip version 4 ip protocol tcp dnat to 10.2.4.105:22
	}

	chain dnat_nerim {
		ip protocol . th dport vmap @port_forwarding_tcp
	}

	chain to_nerim {
		accept
	}

	chain from_nerim {
		accept
	}

	chain snat_nerim {
		log group 1 prefix "snat nerim:" masquerade
	}
}