I am currently struggling to translate a pre-nftables configuration/setup correctly to be used with 22.03.2.
My setup is an Archer C6v3 behind a modem, connected via WAN and routing all traffic from LAN over a WireGuard interface. In order to avoid the geoblocking of several streaming services, I need to route traffic directed to these domains directly over WAN.
To do so with nftables, I have installed dnsmasq 2.87 to be able to use nftset.
The old process of setting everything up was as follows:
What I am struggling with is the following: How do I translate the iptables command correctly, especially regarding the marking?
I know I need to create a new table, streaminglist, but I am struggling with how to fill it. Do I need to create a set in order for nftset to fill it or does nftset do it on its own? Which chains and rules do I need to have the packages to the domains nftset translates into elements (IPs) marked (and forwarded?)?
I fiddled around a lot but never seemed to get the correct combination and have now reset everything and am looking for help. Any input is appreciated!
Thank you very much, this seems to be working. I had to add the sets for IPv4 and IPv6 respectively first before your rule stopped giving an error, but now, after going through the process twice per command line and once automated via script, with 2 reboots in between, my IP info tests give good results!
I'll do some further testing, so far I am very happy though, double thanks again!