> Can't nm execute some action when an interface comes up? Looks like there might be: (https://askubuntu.com/questions/1111652/network-manager-script-when-interface-up). > That way you could just add the flowtable later. However, this would only insert the flow table statements on server bootup. Since '/etc/nftables/firewall.nft' ttself *wouldn't* contain the flow tables statements, any 'systemctl reload nftables' or 'nft -f /etc/nftables/firewall.nft' action (to apply a rule change, for example) would essentially get rid of the flow tables mechanism from the running system, wouldn't it? -Martin
