Am 22.06.20 um 18:23 schrieb Stefano Brivio: > By the way, now nftables should natively support all the features from > ipset. > > My plan (for which I haven't found the time in months) would be to > write some kind of "reference" wrapper to create nftables sets from > ipset commands, and to render them back as ipset-style output. > > I wonder if this should become the job of iptables-nft, eventually no, thanks way too much work behind to get a admin-backend calling nano and friends to maintain that stuff and support a wild mix of ipv4 and ipv6 which is assigend to the correct ipset that's a whole and very fancy toolkit and when ruled out the issues of my last mail probably everything works transparnet with iptables-legacy and iptables-nft while keep ipset as it is a seperate layer it's not only about assign, load and save but also about find, list and count things - if someone wants it native when staring from scratch i understand why but i don't want to in this lifetime :-)
