This is a multi-part message in MIME format.
I updated my virtual machine from Debian 12 to 13, after which it began
to work incorrectly with nftables. Incoming letters do not work,
nftables does not work correctly. It is impossible to receive or send a
letter in the local network. At the same time, from the external network (Internet, smartphone, neighbor's Wi-Fi) everything works. As soon as I
roll back to Debian 12, everything works again. nftables config: /etc/nftables.conf


#!/usr/sbin/nft -f

flush ruleset

table ip filter {

    chain input {
        type filter hook input priority 0; policy drop;

        iif "lo" accept

        tcp dport 22 accept
        #tcp dport 25565 accept

        tcp dport { 80, 443 } accept

        udp dport 64560 accept

                udp dport 22000 accept

        #tcp dport { 25, 587, 143, 993 } accept

        ip saddr 192.168.0.109 tcp dport 9100 accept

        ct state { established, related } accept
    }

    chain forward {
        type filter hook forward priority 0; policy drop;

        # VM & Proxmox - vmbr0
        #iifname "vmbr0" oifname "wg0" accept
        #iifname "wg0" oifname "vmbr0" accept

        #iifname "wg0" accept

        iifname "ens18" accept
    }

    chain output {
        type filter hook output priority 0; policy accept;
    }
}

table ip nat {
    chain prerouting {
        type nat hook prerouting priority 0;

        # mail
        tcp dport 25 dnat to 192.168.0.106
        tcp dport 143 dnat to 192.168.0.106
        tcp dport 587 dnat to 192.168.0.106
        tcp dport 993 dnat to 192.168.0.106
        tcp dport 25565 dnat to 192.168.0.111
        udp dport 64560 dnat to 192.168.0.107
        udp dport 22000 dnat to 192.168.0.103


    }

    chain postrouting {
        type nat hook postrouting priority 100;

        #ip daddr 192.168.0.106 masquerade
        #ip daddr 192.168.0.107 masquerade
        #ip daddr 192.168.0.111 masquerade


        oifname "ens18" masquerade
    }
}

<!DOCTYPE html>
<html>
<head>

<meta http-equiv="content-type" content="text/html; charset=UTF-8">
</head>
<body>
<p><span dir="ltr" lang="ru"><span>
<div class="QFw9Te BLojaf">
<div class="hlJJmd">
<div class="D5aOJc Hapztf"></div>
<div class="Bmcqed" dir="ltr">
<div data-id="kvLWu"></div>
</div>
</div>
<div class="cEWAef"></div>
<div class="fXYY1b D5aOJc"></div>
<div id="ow6" __is_owner="true"></div>
</div>
</span></span></p>
<div class="DVHrxd"><span data-is-tooltip-wrapper="true"></span></div>
<span class="HwtZe" lang="en"><span class="jCAhz ChMk0b"><span
class="ryNqvb">I updated my virtual machine from Debian 12 to
13, after which it began to work incorrectly with nftables.</span></span>
<span class="jCAhz ChMk0b"><span class="ryNqvb">Incoming letters
do not work, nftables does not work correctly.</span></span> <span
class="jCAhz ChMk0b"><span class="ryNqvb">It is impossible to
receive or send a letter in the local network.</span></span> <span
class="jCAhz ChMk0b"><span class="ryNqvb">At the same time, from
the external network (Internet, smartphone, neighbor's Wi-Fi)
everything works.</span></span> <span class="jCAhz ChMk0b"><span
class="ryNqvb">As soon as I roll back to Debian 12, everything
works again.</span></span> <span class="jCAhz ChMk0b"><span
class="ryNqvb">nftables config: /etc/nftables.conf</span></span></span>
<p><br>
#!/usr/sbin/nft -f<br>
<br>
flush ruleset<br>
<br>
table ip filter {<br>
<br>
    chain input {<br>
        type filter hook input priority 0; policy drop;<br>
<br>
        iif "lo" accept<br>
<br>
        tcp dport 22 accept<br>
        #tcp dport 25565 accept<br>
<br>
        tcp dport { 80, 443 } accept<br>
<br>
        udp dport 64560 accept<br>
<br>
                udp dport 22000 accept<br>
<br>
        #tcp dport { 25, 587, 143, 993 } accept<br>
<br>
        ip saddr 192.168.0.109 tcp dport 9100 accept<br>
         <br>
        ct state { established, related } accept<br>
    }<br>
<br>
    chain forward {<br>
        type filter hook forward priority 0; policy drop;<br>
<br>
        # VM &amp; Proxmox - vmbr0<br>
        #iifname "vmbr0" oifname "wg0" accept<br>
        #iifname "wg0" oifname "vmbr0" accept<br>
<br>
        #iifname "wg0" accept<br>
<br>
        iifname "ens18" accept<br>
    }<br>
<br>
    chain output {<br>
        type filter hook output priority 0; policy accept;<br>
    }<br>
}<br>
<br>
table ip nat {<br>
    chain prerouting {<br>
        type nat hook prerouting priority 0;<br>
<br>
        # mail<br>
        tcp dport 25 dnat to 192.168.0.106<br>
        tcp dport 143 dnat to 192.168.0.106<br>
        tcp dport 587 dnat to 192.168.0.106<br>
        tcp dport 993 dnat to 192.168.0.106<br>
        tcp dport 25565 dnat to 192.168.0.111<br>
        udp dport 64560 dnat to 192.168.0.107<br>
        udp dport 22000 dnat to 192.168.0.103<br>
        <br>
        <br>
    }<br>
<br>
    chain postrouting {<br>
        type nat hook postrouting priority 100;<br>
<br>
        #ip daddr 192.168.0.106 masquerade<br>
        #ip daddr 192.168.0.107 masquerade<br>
        #ip daddr 192.168.0.111 masquerade<br>
<br>
<br>
        oifname "ens18" masquerade<br>
    }<br>
}<br>
<br>
</p>
</body>
</html>

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

please check if your network interface was not renamed and still the same:

        iifname "ens18" accept

...

        oifname "ens18" masquerade

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)