nftables support

[zabbal]

Would be great to see it instead of ipset. This might also help to resolve some items from todo list automatically.

[Lekensteyn]

nftables is pretty new and if I am not mistaken it should replace iptables, not ipset? What are the advantages of nftables?

[zabbal]

Well, yes, sort-of - it still provide compatibility interface so it should work with ipset too but its advantages makes ipset obsolete so it would be better to use nftables natively.

Some of it described at https://home.regit.org/2014/01/why-you-will-love-nftables/