Theres also iptables wrappers around like iptables-zz-legacy which interprets iptables to nfttables.
i believe pbr-iptables is not a wrapper since it links iptables in its dependency.
But yea i find this rather confusing, i never liked the change from upstream Linux iptables to nfttables 
, OpenWrt seems to heavily rely to some wrapper hack… i see this with docker too!
Though i believe the oem firmware still use iptables or a wrapper, the question more is if it supports all those modules idd 