From f7766c0952ce2c5db6d639b03113c070501352d7 Mon Sep 17 00:00:00 2001
From: Ian Kelling <iank@fsf.org>
Date: Sat, 27 Apr 2024 15:47:37 -0400
Subject: [PATCH] nftables notes

---
 work.org | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/work.org b/work.org
index 8e10b3c..abea832 100644
--- a/work.org
+++ b/work.org
@@ -1140,3 +1140,14 @@ EOF
 wget -m ftp://lists.gnu.org/info-gnu
 cd lists.gnu.org/info-gnu
 sed -rn '/^From: /{s/.*@([^> ]*).*/\1/' * | sort -u | while -read -r l; do host -t txt _dmarc.$l; done
+
+* nftables
+
+New librecmc uses this.
+
+iptables-nft command uses the newer nftables kernel API but reuses the
+legacy packet-matching code
+
+iptables -S = nft list ruleset
+
+iptables-translate does translation of iptables arguments (but not -S).
-- 
2.30.2