Is it possible to create a custom chain using UCI commands?
Currently, I add a chain (and its contents) using command in /etc/firewall.user, e.g.: iptables -t filter -N limited_input && ...
And after that some my scripts "on the fly" add/modify rules using this chain by UCI, e.g. :
uci set firewall.some_rul=rule &&\
uci set firewall.some_rul.src="wan" &&\
uci set firewall.some_rul.dest_port="$PORT" &&\
uci set firewall.some_rul.proto="$PROTO" &&\
uci set firewall.some_rul.extra="-j limited_input"
But in case of firewall restarting (/etc/init.d/firewall restart) all rules that uses the limited_input chain cannot be (re)created, because file /etc/firewall.user is processed last of all and my chain doesn't exist yet.
As I said earlier, rules that use the "limited_input" chain are added/modified/deleted by scripts during operation, these rules are not permanently stored in /etc/config/firewall or in /etc/firewall.user. And it’s very convenient to manipulate these rules through UCI commands (uci revert firewall.some_rul, uci set firewall.some_rul.dest_port=...).