Would appreciate if a developer could be obliged to enable nftables sets as module in the kernel conf for Master and 19.07
Currently it is unset [1]
# CONFIG_NF_TABLES_SET is not set
and thus when invoked
nft flush ruleset
nft add table filter
nft add chain filter input { type filter hook input priority 0\; }
nft add set filter myset { type ipv4_addr\; }
produces
Error: Could not process rule: Not supported
SETS are an essential part of the nftables ecosystem, extending beyond what ipset provides.
This option enables the nf_tables set infrastructure that allows to look up for elements in a set and to build one-way mappings between matchings and actions. [2]
[1] https://git.openwrt.org/?p=openwrt/openwrt.git;a=blob;f=target/linux/generic/config-4.19;hb=b2d10977a860f34e003ed158d6d208f431a14579#l3465
[2] https://github.com/torvalds/linux/blob/master/net/netfilter/Kconfig#L459