So before the transition to nftables, you could create firewall objects in PROCD to create/target ipsets, like this, with the transition I have the following questions:
Does fw4 still support ipset objects in PROCD? Does it require iptables-legacy then? Any changes to the syntax of the firewall objects?
What's the syntax for creation of an nft set and targeting the nft set with PROCD firewall objects? Since nft sets can only be created within tables (afaik), how do I create a new inet table within a firewall object?
How can I declare type for the set? I've tested and by default it's type ipv4_addr with the flags: interval. I need to create an IPv6 set as well.
Can I rely on the sets being created in the table fw4 of type inet in the future?
PS. I see the reasons for transparent translation of ipset objects into actual nft sets, but the naming is confusing, is there any plan to allow to use nftset in the place of ipset in uci config/PROCD objects before 22.03 is released? Would the /usr/share/firewall4/main.uc need to be changed or some other file? I'm confused.