I just heard on the mailing list that a new OpenWrt release is planned for March 2022.
In this release, the firewall is now used on nftables by default.
I only found out about it a month ago.
Unfortunately, I have to say that I have not yet had the time to deal with this topic in depth because of other projects that have more priority.
I think that the iptables to nftables conversion via iptables-nft should work, but I have not tested it.
My problem is that I use ipsets, which does not exist in nftables as I know.
Pullrequest are welcome to port the mwan3 to nftables.
I will probably not be able to port the mwan3 in time for the next release without our help
I have found a reference implementation for policy based routing with nativ nftables with out iptables-nft
I have a problem with the following ipset. There seems to be no translation for it:
Can anyone tell me how to do this?
I would like to rewrite the mwan3 so that it use ucode like the firewall4. Unfortunately, I probably won't be able to do that until the freeze. Also, I would first have to read into ucode and restructure the whole mwan3.
Therefore, my only option is to work with translate.
I would be happy about any help and discussion with some feedback
With the following pullrequest [WIP] I have already started to prepare the mwan3 so that it also works with nftables.
The documentation is a bit poor but I have now found out with try and error that my assumption is not correct.
The ipsets are created with the ipset tool and could be used iptables-nft.
I therefore assume that the mwan3 works with nft.