Nftables: add support for nat table

roles/nftables/tasks/main.yml

@@ -16,6 +16,9 @@
     - 'filter-input.d'
     - 'filter-forward.d'
     - 'filter-output.d'
+    - 'nat-toplevel.d'
+    - 'nat-prerouting.d'
+    - 'nat-postrouting.d'
 - name: deploy nftables root configuration
   template:
     src: "nftables/nftables.conf.j2"

roles/nftables/templates/nftables/nftables.conf.j2

@@ -48,3 +48,16 @@ table inet filter {
         include "/etc/nftables/filter-output.d/*.conf"
     }
 }
+
+table inet nat {
+    include "/etc/nftables/nat-toplevel.d/*.conf"
+
+    chain prerouting {
+        type nat hook prerouting priority 100; policy accept;
+        include "/etc/nftables/nat-prerouting.d/*.conf"
+    }
+    chain postrouting {
+        type nat hook postrouting priority 100; policy accept;
+        include "/etc/nftables/nat-postrouting.d/*.conf"
+    }
+}