Help with nftables and forwarding filter #278

Open
punishedJib opened this issue Jul 30, 2024 · 2 comments

Comments

@punishedJib

Hi, I have 0 experience with networking and nftables.
If I add to my table a filter chain with a forward hook that by default drops everything, vopono won't work. I even set its priority to be very high but to no avail.

Here's my ruleset when running vopono:

table inet my_table {
	chain my_input {
		type filter hook input priority filter; policy drop;
		ct state established,related accept
		iif "lo" accept
		ct state invalid drop
		meta l4proto ipv6-icmp accept
		meta l4proto icmp accept
		ip protocol igmp accept
		meta l4proto udp ct state new jump my_udp_chain
		tcp flags syn / fin,syn,rst,ack ct state new jump my_tcp_chain
		meta l4proto udp reject
		meta l4proto tcp reject with tcp reset
		counter packets 0 bytes 0 reject
	}

	chain my_forward {
		type filter hook forward priority 200; policy drop;
	}

	chain my_output {
		type filter hook output priority filter; policy accept;
	}

	chain my_tcp_chain {
		tcp dport 53317 accept
	}

	chain my_udp_chain {
		udp dport 53317 accept
	}
}
table inet vopono_nat {
	chain postrouting {
		type nat hook postrouting priority srcnat; policy accept;
		oifname "wlp2s0" ip saddr 10.200.1.0/24 counter packets 0 bytes 0 masquerade
	}
}
table inet vopono_bridge {
	chain forward {
		type filter hook forward priority filter - 10; policy accept;
		iifname "vo_mv_norway_d" oifname "wlp2s0" counter packets 3 bytes 528 accept
		oifname "vo_mv_norway_d" iifname "wlp2s0" counter packets 0 bytes 0 accept
	}
}

@jamesmcm
Owner

The network namespace connects via the network interface, so I think dropping everything like this will also drop the VPN traffic?

What do you want it to do?

@punishedJib
Author

I wanted it to drop everything by default, but have the vopono rules apply when I use it. If I add the rules to the chain manually in my table it works. But I don't know how I would test to see if it's actually dropping everything except the vopono packets or just getting overridden.
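
The behaviour both posts circle around is how the kernel runs several base chains registered on the same hook. The following Python simulation is an added example, not code from vopono or from either participant: chain names, priorities and interface names are taken from the ruleset posted above, the test packet is constructed. It shows that the `accept` in `vopono_bridge/forward` only ends that chain, so the packet still enters `my_forward` and hits its `drop` policy whatever priority `my_forward` has, and that accepting the bridge traffic inside `my_forward` itself (the manual change that made it work) is what lets the packet through.

```python
# Added simulation of nftables base-chain traversal on one hook (inet forward).
# Not vopono code; names and priorities come from the ruleset in the issue.

# Chains on the forward hook. "priority filter - 10" evaluates to 0 - 10.
# Each rule is (match dict, verdict); the policy applies when no rule matches.
FORWARD_CHAINS = [
    {"name": "vopono_bridge/forward", "priority": -10, "policy": "accept",
     "rules": [({"iifname": "vo_mv_norway_d", "oifname": "wlp2s0"}, "accept"),
               ({"iifname": "wlp2s0", "oifname": "vo_mv_norway_d"}, "accept")]},
    {"name": "my_table/my_forward", "priority": 200, "policy": "drop", "rules": []},
]

def evaluate_hook(chains, packet):
    """Return (final verdict, per-chain trace).

    Kernel semantics: base chains on one hook run in ascending priority order.
    'accept' only ends the current chain; the packet still enters every later
    chain and must be accepted by all of them. 'drop' ends traversal at once.
    """
    trace = []
    for chain in sorted(chains, key=lambda c: c["priority"]):
        verdict = chain["policy"]           # used when no rule matches
        for match, rule_verdict in chain["rules"]:
            if all(packet.get(k) == v for k, v in match.items()):
                verdict = rule_verdict
                break
        trace.append((chain["name"], verdict))
        if verdict == "drop":
            return "drop", trace
    return "accept", trace

def with_priority(chains, name, priority):
    """Copy of chains with one chain's priority changed (what the reporter tried)."""
    return [dict(c, priority=priority) if c["name"] == name else c for c in chains]

def with_bridge_rules_in_my_forward(chains):
    """Copy of chains where my_forward itself accepts the vopono bridge traffic,
    i.e. the rules added manually to the reporter's own table."""
    bridge = next(c for c in chains if c["name"] == "vopono_bridge/forward")
    return [dict(c, rules=bridge["rules"]) if c["name"] == "my_table/my_forward" else c
            for c in chains]

if __name__ == "__main__":
    pkt = {"iifname": "vo_mv_norway_d", "oifname": "wlp2s0"}  # constructed packet
    for label, chains in [("as posted", FORWARD_CHAINS),
                          ("my_forward at priority -100",
                           with_priority(FORWARD_CHAINS, "my_table/my_forward", -100)),
                          ("bridge rules copied into my_forward",
                           with_bridge_rules_in_my_forward(FORWARD_CHAINS))]:
        print(label, evaluate_hook(chains, pkt))
```

The `counter packets 3` on the `vopono_bridge` accept rule in the posted ruleset fits this picture: those packets were accepted in that chain and then met `my_forward`'s drop policy. On a live system, a `counter` on a rule or chain in `my_forward`, or `nft monitor trace` together with a `meta nftrace set 1` rule, shows in which chain a packet actually ends.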
