Kamil Jońca <kjonca@xxxxx> wrote:
> I have strongswan(ipsec) server which, at connection establishing issue:
> --8<---------------cut here---------------start------------->8---
> iptables -I INPUT -i ${PLUTO_INTERFACE} -m policy --dir in --pol ipsec --reqid $PLUTO_REQID -j ipsec-in-${PLUTO_REQID}
> --8<---------------cut here---------------end--------------->8---
>
> How can I do it in nftables (especially reqid)?
>
> I tried to read
> https://wiki.nftables.org/wiki-nftables/index.php/Main_Page but did not
> found anything useful.
>
> Moreover one thing is unclear for me at:
> https://wiki.nftables.org/wiki-nftables/index.php/Supported_features_compared_to_xtables#policy
> this direct to chain policy, but there is
> iptables extension called 'policy' (which is used in my rule)
> and I cannot found counterpart on nftables side.
Indeed, I will update this tomorrow.
> Am I missing something?
No. -m policy replacement has been merged only recently, it will be
part of next nftables release (which should happen soon).
