To reproduce:
```
set policy route POSTROUTING interface "eth1"
set policy route POSTROUTING rule 100 destination address '192.0.2.2'
set policy route POSTROUTING rule 100 set mark '200'
set policy route POSTROUTING rule 201 protocol 'icmp'
set policy route POSTROUTING rule 201 set mark '200'
set policy route POSTROUTING rule 201 source address '192.168.0.0/24'
set policy route POSTROUTING rule 300 destination address '192.0.2.5'
set policy route POSTROUTING rule 300 destination port '8888'
set policy route POSTROUTING rule 300 protocol 'tcp_udp'
set policy route POSTROUTING rule 300 set mark '300'
vyos@r14# commit
[ policy route POSTROUTING ]
Failed to apply policy based routing
[[policy route POSTROUTING]] failed
Commit failed
[edit]
vyos@r14#
```
PRB generates two same chains instead of one `VYOS_PBR_POSTROUTING`
Nftables:
```
vyos@r14# cat /run/nftables_policy.conf
#!/usr/sbin/nft -f
delete table ip vyos_mangle
delete table ip6 vyos_mangle
table ip vyos_mangle {
chain VYOS_PBR_PREROUTING {
type filter hook prerouting priority -150; policy accept;
iifname { eth1 } counter jump VYOS_PBR_POSTROUTING
}
chain VYOS_PBR_POSTROUTING {
type filter hook postrouting priority -150; policy accept;
}
chain VYOS_PBR_POSTROUTING {
ip daddr 192.0.2.2 counter meta mark set 200 return comment "POSTROUTING-100"
meta l4proto icmp ip saddr 192.168.0.0/24 counter meta mark set 200 return comment "POSTROUTING-201"
meta l4proto {tcp, udp} ip daddr 192.0.2.5 th dport {8888} counter meta mark set 300 return comment "POSTROUTING-300"
}
}
table ip6 vyos_mangle {
chain VYOS_PBR6_PREROUTING {
type filter hook prerouting priority -150; policy accept;
}
chain VYOS_PBR6_POSTROUTING {
type filter hook postrouting priority -150; policy accept;
}
}
```