Am 22.03.20 um 15:43 schrieb Frank Myhr: > nftables has its own concept of sets: > https://wiki.nftables.org/wiki-nftables/index.php/Sets > > I don't know of a way to use ipset with nftables well, that's a showstopper for even consider switch to nftables given the amount of code maintainig ipsets from shell scripts *because* they live outside of the ruleset it makes many things so much easier up to write backends in whatever language to maintain ipsets without any knowledge of the ruleset using them finally i even deploy ipsets to different machines no matter where they are phyisically located and hwat the role of the machine is (firewall, endpoint...) well, you need to think about naming to keep them useable that way....
