On Sun, Dec 05, 2021 at 05:25:29PM +0530, Amish wrote:
> Hello,
>
> nftables wiki [1] mentions this:
>
> > Note: There are plans to support rule deletion by passing:
> > % nft delete rule filter output ip saddr 192.168.1.1 counter
>
> Any idea when will this happen? Because I thought it was very important
> feature. (unless I missed an alternate way to do it)
>
> I want to migrate from iptables to nftables (from many years) but deleting a
> rule via script is not as easy as in case of iptables.
>
> Obtaining the handle first and then deleting it is difficult
> programmatically.

You can use --echo and --handle options to fetch the rule handle.

# nft -e -a add rule x y counter
add rule ip x y counter packets 0 bytes 0 # handle 3
# new generation 5 by process 91190 (nft)
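
The --echo/--handle approach from the reply above, scripted as an added example that is not part of the original thread: the handle is parsed from the echoed rule line at insertion time and kept for a later delete by handle. The function names and the SAMPLE variable are assumptions for illustration; SAMPLE is the echo output quoted in the reply.

```shell
#!/bin/sh
# Added example (not from the thread): record a rule's handle when it is
# added, so a script can later remove exactly that rule.

# Read nft echo output on stdin and print the handle from the trailing
# "# handle N" comment on the echoed rule line. Prints nothing if absent.
parse_handle() {
    sed -n 's/^.*# handle \([0-9][0-9]*\)[[:space:]]*$/\1/p' | head -n 1
}

# add_rule_get_handle FAMILY TABLE CHAIN RULE...
# Adds the rule with -e -a and prints its handle. Returns non-zero if nft
# fails or no handle was echoed, so callers never delete a guessed handle.
# Needs nft and sufficient privileges; not invoked by the demo below.
add_rule_get_handle() {
    family=$1
    table=$2
    chain=$3
    shift 3
    out=$(nft -e -a add rule "$family" "$table" "$chain" "$@") || return 1
    handle=$(printf '%s\n' "$out" | parse_handle)
    [ -n "$handle" ] || return 1
    printf '%s\n' "$handle"
}

# delete_cmd FAMILY TABLE CHAIN HANDLE
# Print the delete-by-handle command for a previously recorded handle.
delete_cmd() {
    printf 'nft delete rule %s %s %s handle %s\n' "$1" "$2" "$3" "$4"
}

# Sample input: the echo output shown in the reply (table x, chain y).
SAMPLE='add rule ip x y counter packets 0 bytes 0 # handle 3
# new generation 5 by process 91190 (nft)'

# Offline demo: parse the sample and show the matching delete command.
demo_handle=$(printf '%s\n' "$SAMPLE" | parse_handle)
delete_cmd ip x y "$demo_handle"
```

In a live script, store the value printed by add_rule_get_handle alongside whatever state created the rule, and run the command from delete_cmd when that state is torn down.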