How do I make these NFT commands persistent?

I have looked but can't find how to create a table using the uci method and I have tried modifying /etc/nftables.d/10-custom-filter-chains.nft

nft add table bridge filter; \
nft add chain bridge filter input '{type filter hook input priority -200; }'; \
nft add chain bridge filter output '{type filter hook output priority 100; }'; \
nft add rule bridge filter input iifname { lan1, lan2, lan3, lan4 } udp dport 67 counter drop; \
nft add rule bridge filter output oifname { lan1, lan2, lan3, lan4 } udp sport 67 counter drop

Maybe this helps: https://openwrt.org/docs/guide-user/firewall/firewall_configuration#includes_2203_and_later_with_fw4

You need to add ruleset-pre script, wrapping nicely as in https://github.com/openwrt/firewall4/issues/19

Thank you for the replies. I solved it by doing the following. I created /usr/share/nftables.d/ruleset-post/wifi_dhcp_only.nft
and added the following

flush ruleset bridge
table bridge filter {
	chain input {
		type filter hook input priority -200;
		iifname {"lan1", "lan2"} udp dport 67 counter drop
	}
	
	chain output {
		type filter hook output priority 100;
		oifname {"lan1", "lan2"} udp sport 67 counter drop
	}
}

Please let me know if there is anything wrong with doing it this way.

flush table bridge filter

oterwise ok.

I tried that but it didn't work, perhaps because when initially ran bridge filter does not exist?

Out there in that ticket:

#!/usr/sbin/nft -c -f
table bridge fw4 
flush table bridge fw4
table bridge fw4 { chain ...

Or you can replace "flush" with "destroy"
Probably not a good idea to name table "fw4" or "filter" as those are used in other places.

Okay, that worked. How's this?

table bridge drop_dhcp
flush table bridge drop_dhcp
table bridge drop_dhcp{
	chain input {
		type filter hook input priority -200;
		iifname {"lan1", "lan2"} udp dport 67 counter drop
	}
	
	chain output {
		type filter hook output priority 100;
		oifname {"lan1", "lan2"} udp sport 67 counter drop
	}
}

Yes, thats it!!!
Add file name to /etc/sysupgrade.conf to survive reboots.
Note the interpreter at start - you can "run" nftables script to check syntax
It is faster to use ?if in place of ?ifname