In iptables there is the recent module (-m recent). It lets you add and remove IP addresses in rulesets (usually blocklists). The advantage of this method is that you can give ordinary users access to selected configuration items via FACLs, e.g.:

    echo +/- <ip> > /proc/net/xt_recent/<iptname>

It looks like there is no recent module in nftables. How can I use nftables in a similar way?

Thanks for any information, links, etc.

t.d.