As outlined here: https://wiki.nftables.org/wiki-nftables/index.php/Connlimits I cannot create any rule using "ct count". Executing this on cli: nft add rule inet fw4 forward tcp dport 22 ct count 10 accept Results in this: Error: Could not process rule: No such file or directory add rule inet…

The module CONFIG_NFT_CONNLIMIT is not built in OpenWrt. openwrt/openwrt/blob/openwrt-22.03/target/linux/generic/config-5.10#L4069-L4074 # CONFIG_NFT_CONNLIMIT is not set # CONFIG_NFT_DUP_IPV4 is not set # CONFIG_NFT_DUP_IPV6 is not set …

Thanks for the timely feedback, I'll stop trying to make it work now. Not sure if I feel like building a custom kernel to get this functionality... :slight_smile: I now see that there is an .ipk package for iptables - "iptables-mod-conntrack-extra" which includes connection limiting and other simi…

A similar issue related to NFT_DUP was recently posted. You might chime in there for the CONNLIMIT functionality. [image] NFT DUP module REQUEST For Developers Hi, Is it possible to add DUP (duplicate) module for replacement of the TEE iptables module with FW4 As I wor…

Thanks for the suggestion, that makes sense to me and I will post in that thread as well.

22.03.2 unable to use "ct count" nft rules

Installing and Using OpenWrt

efahl December 28, 2022, 7:22pm 4

A similar issue related to NFT_DUP was recently posted. You might chime in there for the CONNLIMIT functionality.