#!/usr/sbin/nft -f

flush ruleset

table ip nat {
    chain prerouting {
        type nat hook prerouting priority 0; policy accept;
    }

    chain postrouting {
        type nat hook postrouting priority 0; policy accept;

        ip saddr 10.2.1.0/30 masquerade;
        ip saddr 172.17.0.0/16 masquerade;
    }
}