Thanks for your thorough summary, I appreciate the clear list of options. I'm personally going to freeze against 22.03 till the resolution becomes more clear.
That said, I have a question about this part of your post:
The issue now is the fact that the upstream dnsmasq-full package has now had it's default compile options updated to remove ipset support in favour of nftables in 23.05
From what I can tell the dnsmasq upstream still allows both options. Looking at the breaking change and discussions around it are two separate considerations at play here:
-
What "list of IPs" implementation should back the LuCI "IP set" implementation and
/etc/config/dhcp, and how that should be configured in the generated dnsmasq.conf file. -
Whether dnsmasq-full should be built with "-DHAVE_NFTSET", "-DHAVE_IPSET", or both.
The change in 1 seems consistent with the overall move to nftables, and probably requires the nftables update to mwan3. Perhaps there was an potential workaround for the LuCI code to manage both and ipset and nftset at the same time in the generated dnsmasq.conf, but I'm not qualified to judge that approach or its tradeoffs. If the LuCI IP set functionality switches to nftsets, then that aspect of the mwan3 documentation is broken.
However, the change in 2 appears to be unnecessary, and breaks the other documented way to add ipsets in mwan3, which is direct use of /etc/dnsmasq.conf. This is both how I already use the functionality and seems like an acceptable general workaround till mwan3 is updated. Since this method also already appears in the mwan3 documentation, its not a stretch to make it the officially supported mwan3 method on 23.05.
Assuming my summary is correct, from what I can tell this is a one line change to the OpenWRT Makefile of the dnsmasq-full, but there may be other considerations I'm missing.