7.21beta Release — Now with nftables + TPROXY Support!

xh116 · November 7, 2025, 7:52pm

/ # nft -V
nftables v1.1.3 (Commodore Bullmoose #4)
  cli:		readline
  json:		yes
  minigmp:	no
  libxtables:	no

/ # lsmod | grep -Ei "tproxy"
nft_tproxy             16384  1 
nf_tables             135168 84 nft_xfrm,nft_tunnel,nft_tproxy,nft_synproxy,nft_socket,nft_reject_inet,nft_reject,nft_redir,nft_quota,nft_queue,nft_osf,nft_objref,nft_numgen,nft_nat,nft_masq,nft_log,nft_limit,nft_hash,nft_fwd_netdev,nft_dup_netdev,nft_ct,nft_counter,nft_connlimit,nft_compat,nft_chain_nat,nf_tables_set
nf_tproxy_ipv6         20480  1 nft_tproxy
nf_tproxy_ipv4         20480  1 nft_tproxy
nf_defrag_ipv4         16384  1 nft_tproxy

That’s exciting news for transparent proxy users!
I noticed that this improvement isn’t included in the changelog.
Could it be added, and will TPROXY support be maintained in upcoming releases?

biki73 · November 8, 2025, 10:35am

what?

whatever · November 8, 2025, 1:19pm

Socksify feature was already added in 7.20.

Simonej · November 8, 2025, 5:45pm

Is RouterOS now using nftables instead of iptables?

dang21000 · November 9, 2025, 10:03pm

This can be great to have only on filter, both ipv4 and ipv6 merged on a same location..

Address lists as Objet to allow easy renaming…

A dream…