Bug report.
Input
=====
*raw
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -i lo -j CT --notrack
-A PREROUTING -i ve-+ -p tcp --dport 21 -j CT --helper ftp
COMMIT
Output
======
# Translated by iptables-restore-translate v1.8.8 on Thu Jul 21 16:18:58 2022
add table ip raw
add chain ip raw PREROUTING { type filter hook prerouting priority -300; policy accept; }
add chain ip raw OUTPUT { type filter hook output priority -300; policy accept; }
add rule ip raw PREROUTING iifname "lo" counter notrack
# -t raw -A PREROUTING -i ve-+ -p tcp --dport 21 -j CT --helper ftp
# Completed on Thu Jul 21 16:18:58 2022
Expected output
===============
An nft rule involving port 21.
