I would like to allow connections to specific domains through my nftables filter.
I managed for specific hostnames with:

    ip6 daddr aur.archlinux.org accept

However, I would like wildcard matching of something like *.archlinux.org or keyserver.*.
Entering such a pattern directly did not work, nor did double-quoting it.
Furthermore, the domain matching only works if the service has a single IP.
Furthermore, maybe there is a proper way to match independently of the IP version?
Related: Linux: only allow outgoing connections to specific domains and https://serverfault.com/questions/998962/nftables-support-string-matching-support