QoS and nftables ... some findings to share

Have to say, I ran out of time to keep digging into the problem with the current openwrt release. I'm still on 19.07.01, and kinda have nftables working - still has the old problems with loading the tables, and occasionally seems to barf up other services.

Its almost certainly connected with how the kernel is compiled, but with several recompiles, I couldn't find what was causing the problem. Suspect I'll probably wait until openwrt version 20 comes out, then look at the problem again.

Oh yes, worth saying yes nftables can be controled like ip tables with commands. To my mind its more flexable than iptables, easier to make sure rules are loaded in the right place. So yes if you wanted a script, e.g. sqm scripts, to change the firewall rules, yes should be possible with nftables; just a case of rewriting everything.

Not sure what the official openwrt approach will be; there was talk of rewriting fw3 as fw4, where fw4 uses nftables. Don't know if any progress was made, its not something I followed.

1 Like