Web lists-archives.com

nftables howto?

Recent upgrade surprised me with iptables->nftables migration.
I understand I should prepare to migrate, but I cannot found
comprehensive documentation of nftables.
For example:

In my ipsec updown script I have something like:
--8<---------------cut here---------------start------------->8---
iptables -I INPUT -i ${PLUTO_INTERFACE}  -m policy --dir in  --pol ipsec --reqid  $PLUTO_REQID   -j ipsec-in-${PLUTO_REQID}
--8<---------------cut here---------------end--------------->8---

Where can I read how to translate it to nftables? (especially --reqid)

Or how can I write updown script which insert some rules when client
connects, and "purge" them on disconnect?

In specifications, Murphy's Law supersedes Ohm's.