Flint 2 - Missing FW Custom Rules Tab

Running the latest firmware, noticed the Custom Rules Tab for Firewall Settings is missing in LuCI. Was this moved elsewhere?

It’s not under Network → Firewall → Custom rules anymore? That’s how it is on Slate AX’s firmware 4.4.6-release1/OWR 21.02. Can you get output from cat /etc/firewall.user?

… I wonder if this is related to mainline OWRT now using nftables but Flint v2 has ‘mixed mode’/shim iptables packages to maintain backwards compatibility.

  • opkg list-installed | grep iptable
  • opkg list-installed | grep nft

I am not sure what kind of settings should be located under Custom Rules but Traffic rules should be all you need, no?


cat: can’t open ‘/etc/firewall.user’: No such file or directory

root@GL-MT6000:~# opkg list-installed | grep iptable

iptables-mod-conntrack-extra - 1.8.8-2
iptables-mod-extra - 1.8.8-2
iptables-mod-fullconenat - 2023-01-01-74c5e6f3-1
iptables-nft - 1.8.8-2

root@GL-MT6000:~# opkg list-installed | grep nft

ip6tables-nft - 1.8.8-2
iptables-nft - 1.8.8-2
kmod-nft-compat - 5.15.139-1
kmod-nft-core - 5.15.139-1
kmod-nft-fib - 5.15.139-1
kmod-nft-nat - 5.15.139-1
kmod-nft-offload - 5.15.139-1
libiptext-nft0 - 1.8.8-2
libnftnl11 - 1.2.6-1
nftables-json - 1.0.8-1
xtables-nft - 1.8.8-2


I’m just looking to adjust the TTL for my tethered phone, as I have done with other GL.iNet routers with the custom rule:

iptables -t mangle -I POSTROUTING 1 -j TTL --ttl-set 65

Seems it’s gone because of nftables as @bring.fringe18 already suggested.

Try tossing it in /etc/rc.local after executing directly, testing. I think there’s supposed to be an ‘iptables-to-nft’ translating ‘shim’. I’m probably wrong though.