Nftables rules for mirroring traffic

Hey all,

Trying to get into using nftables with the latest OpenWrt version.

I had been mirroring traffic from my router with OpenWrt via iptables to a VM running Suricata in promiscuous mode with these rules:

iptables-translate -i eth0 -t mangle -A PREROUTING -s 0/0 -j TEE --gateway
iptables-translate -t mangle -A POSTROUTING -s -j TEE --gateway

And I used the iptables-convertor to convert the rules to the following:

define wan = eth0

chain prerouting { 
		type nat hook prerouting priority 0 

		ip addr eth0 accept 

		nft add rule ip mangle PREROUTING iifname "eth0" counter dup to


post-routing {
			type nat hook postrouting priority 0

nft add rule ip mangle POSTROUTING ip saddr counter dup to


These rules are not working currently, is there anything that stands out as wrong in the syntax? And what should I set the priority to for the hook? Do I need to set it as a NAT hook?