As the documentation currently reads, you can use set expressions like this:
tcp dport {22,8022} accept
Is there anything in the nftables syntax that permits detecting the
absence of a match? Something like
tcp not dport {22,8022}
or
tcp dport not in {22,8022}
All the examples and descriptions have netfilter only test for set
union, not for set difference.
What am I missing here?
