Policy Routes on nftables + WireGuard - Help Needed

Hey, mates. Need some help with nftables and WireGuard gateway config. Trying to route some IPs from fw777 nftable to my WireGuard gateway. Googled for days, hit a dead end. Even threw it at ChatGPT, and this is what it spat out:

#!/usr/sbin/nft -f

table inet fw777 {

    set 777 {
        type ipv4_addr
        elements = { 1.1.1.1, 8.8.8.8 }
    }

    chain prerouting {
        type filter hook prerouting priority mangle; policy accept;
        
        ip saddr @777 meta mark set 17
    }

    chain output {
        type filter hook output priority filter; policy accept;
        
        ip daddr @777 meta mark set 17 counter accept
    }

    chain postrouting {
        type filter hook postrouting priority srcnat; policy accept;
        
        ip daddr @777 meta mark set 17 oifname "wg0" counter accept
    }
}

ip rule add fwmark 17 table 17
ip route add default via <WireGuard IP> dev wg0 table 17

Tried it, but it didn't work. Any guidance from the pros would be super helpful, thank you.

I'm running OpenWrt 23.05.6 on an AC2100, with dnsmasq-full installed.

First consider upgrading to 24.10.5, as 23.05 is almost EOL.

There is a nice PBR app with a GUI which can do all this for you, see:

Working with nft sets manually is possible but takes some steps, see:
OpenWRT Policy Based Routing (PBR)

Not "almost", it has been fully EOL since 2025-08-20; there will be no further updates of the 23.05.x branch.


Hope you know that duplicating fw4 hook priorities makes rule application unpredictable....
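A worked version of the manual approach, added here as an example and not taken from the thread, from the PBR package, or from fw4: a POSIX sh script (OpenWrt's ash runs it) that validates the target addresses, prints a standalone nftables table marking traffic to them with fwmark 17, and prints the matching ip rule and table-17 routes. Only the mark and table number (17), the interface name (wg0) and the two addresses come from the thread; everything else is an assumption made for the example: the table and set name pbr_wg (nft identifiers must begin with a letter or underscore, so 777 is not usable as a set name), chain priority mangle - 10 so the marking chains run at a priority fw4 does not use instead of tying with its mangle chains, a default route as dev wg0 without a gateway address because a WireGuard interface is point-to-point, and an unreachable fallback route so the marked traffic fails closed instead of leaking via the WAN if wg0 goes down.

```shell
#!/bin/sh
# Added example (not from the thread): generate and optionally apply a
# fwmark-based policy route to a WireGuard interface, without colliding
# with fw4's own hook priorities. All names and numbers below are the
# example's assumptions unless noted.
set -eu

MARK=17            # fwmark value used in the thread
TABLE=17           # routing table number used in the thread
WG_IF="wg0"        # WireGuard interface named in the thread
SET_NAME="pbr_wg"  # assumed; must start with a letter or underscore

# Validate a dotted-quad IPv4 address (constructed check, no external
# tools): digits and dots only, exactly four octets, each 0..255.
is_ipv4() {
    case "$1" in
        *[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    _rest=$1 _n=0
    while [ -n "$_rest" ]; do
        _o=${_rest%%.*}
        case "$_rest" in *.*) _rest=${_rest#*.} ;; *) _rest="" ;; esac
        [ ${#_o} -le 3 ] && [ "$_o" -le 255 ] || return 1
        _n=$((_n + 1))
    done
    [ "$_n" -eq 4 ]
}

# Print a standalone nft ruleset marking traffic *to* the given addresses.
# Destination is matched in both hooks so forwarded LAN traffic
# (prerouting) and the router's own traffic (output) take the same path.
gen_ruleset() {
    elems=""
    for ip in "$@"; do
        is_ipv4 "$ip" || { echo "bad IPv4 address: $ip" >&2; return 1; }
        elems="${elems:+$elems, }$ip"
    done
    cat <<EOF
table inet pbr_wg {
    set $SET_NAME {
        type ipv4_addr
        elements = { $elems }
    }
    # mangle - 10 runs before fw4's mangle chains instead of tying with them
    chain mark_prerouting {
        type filter hook prerouting priority mangle - 10; policy accept;
        ip daddr @$SET_NAME counter meta mark set $MARK
    }
    chain mark_output {
        type filter hook output priority mangle - 10; policy accept;
        ip daddr @$SET_NAME counter meta mark set $MARK
    }
}
EOF
}

# Print the ip rule and the routes for the policy table. The unreachable
# route (high metric, so normally shadowed) keeps marked traffic from
# falling through to the main table if the wg0 default route disappears.
gen_routes() {
    cat <<EOF
ip rule add fwmark $MARK lookup $TABLE
ip route add default dev $WG_IF table $TABLE
ip route add unreachable default metric 1000 table $TABLE
EOF
}

# Load the ruleset and routes on this host (needs root, nft and iproute2).
apply() {
    gen_ruleset "$@" | nft -f -
    gen_routes | sh -e
}

case "${1-}" in
    show)  shift; gen_ruleset "$@"; gen_routes ;;
    apply) shift; apply "$@" ;;
esac
```

Run `sh pbr_wg.sh show 1.1.1.1 8.8.8.8` to review what would be loaded and `sh pbr_wg.sh apply 1.1.1.1 8.8.8.8` to load it. Two caveats that the thread's snippet does not cover: replies arriving on wg0 from the marked addresses can fail strict reverse-path filtering, because that check looks the source address up without the mark, so loose mode on the interface (net.ipv4.conf.wg0.rp_filter=2) is the usual remedy; and nothing here survives a reboot, so on OpenWrt the rule and routes belong in config rule and config route sections of /etc/config/network with option table 17, while the nft table has to be reloaded by a script of your own, since files in /etc/nftables.d are included into fw4's own table rather than loaded as separate tables.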

Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button (red circle; this works best in the 'Markdown' composer view in the blue oval):

[Screenshot 2025-10-20 at 8.14.14 PM]

Remember to redact passwords, VPN keys, MAC addresses and any public IP addresses you may have:

ubus call system board
cat /etc/config/network
cat /etc/config/dhcp
cat /etc/config/firewall