ghost
commented
7 years ago nftables has been around quite a long time, and it's always been slated as the "replacement" for iptables. I don't think there's any significant momentum in this regard.
That being said.. the adaptation of nftables to Comcast rule generation wouldn't be all that difficult.
Most of the heavy lifting is done with TC. TC still exists with an nftables system. We'd only have to replace the functionality to bind the filter rules to the queue set up by TC. Really, the only thing iptables does is classify the packet in postrouting to target it at the TC class.
There's some way to do that in nftables, we'd just need to figure out that command and template it and add it as an option (similar to how we switch between iptables and ip6tablkes).
q2dg
It would be nice to use it instead as it's meant to replace *tables.