ipset vs. nftables set

Hi,

migrating my existing firewall setup from iptables + ipset to nftables, I ran into a problem.

The firewall uses an ipset containing IPv4 source addresses to implement a dynamic blacklist. There are multiple rules that use this
ipset, and these rules are in chains that belong to different tables. This doesn't seem to be possible with nftables sets, which
apparently always have to belong to one and only one table. Is this correct? At least I couldn't figure out how to create a set that
is accessible throughout the entire ruleset.

Thomas





