Add ability to create raw nftables rule
Open, NormalPublicFEATURE REQUEST
Actions

Edit Task
Edit Related Tasks...
Create Subtask
Edit Parent Tasks
Edit Subtasks
Merge Duplicates In
Close As Duplicate
Edit Related Objects...
Edit Commits
Edit Mocks
Edit Revisions
Mute Notifications
Flag For Later
Award Token

Assigned To

None

Authored By

	L0crian
	Jun 23 2025, 4:30 AM

Description

It could be useful to allow an nft rule to be created from raw nftables syntax.. This would allow for complex configurations for users while they await native implementation of nftables syntax.

Configuration could look something like:

set firewall ipv4 forward filter rule 10 action nft-rule
set firewall ipv4 forward filter rule 10 nft-rule "ct state vmap { established : accept, related : accept, invalid : drop }"

Details

Version: -
Is it a breaking change?: Unspecified (possibly destroys the router)
Issue type: Feature (new functionality)

Event Timeline

L0crian created this task.Jun 23 2025, 4:30 AM

pasik subscribed.Jun 23 2025, 6:20 AM

Unknown Object (User) triaged this task as Normal priority.Jun 24 2025, 9:55 AM

Add ability to create raw nftables ruleOpen, NormalPublicFEATURE REQUESTActions

Description

Details

Event Timeline

Add ability to create raw nftables rule
Open, NormalPublicFEATURE REQUEST
Actions