diff --git a/podkop/files/usr/bin/podkop b/podkop/files/usr/bin/podkop
index 43fd032..dfa97b2 100755
--- a/podkop/files/usr/bin/podkop
+++ b/podkop/files/usr/bin/podkop
@@ -4,6 +4,7 @@
 [ -r /lib/config/uci.sh ] && . /lib/config/uci.sh
 PODKOP_LIB="/usr/lib/podkop"
 . "$PODKOP_LIB/constants.sh"
+. "$PODKOP_LIB/nft.sh"
 . "$PODKOP_LIB/helpers.sh"
 . "$PODKOP_LIB/sing_box_config_manager.sh"
 . "$PODKOP_LIB/sing_box_config_facade.sh"
@@ -996,17 +997,17 @@ configure_local_domain_or_subnet_lists() {
     case "$type" in
     domains)
-        config_list_foreach "$section" "local_domain_lists" import_local_domain_or_subnet_list_to_ruleset "$type" \
+        config_list_foreach "$section" "local_domain_lists" import_local_domain_or_subnet_list "$type" \
             "$section" "$ruleset_filepath"
         _add_ruleset_to_dns_rules "$ruleset_tag" "$route_rule_tag"
         ;;
     subnets)
-        config_list_foreach "$section" "local_subnet_lists" import_local_domain_or_subnet_list_to_ruleset "$type" \
+        config_list_foreach "$section" "local_subnet_lists" import_local_domain_or_subnet_list "$type" \
             "$section" "$ruleset_filepath";;
     *) log "Unsupported local rule set type: $type" "warn" ;;
     esac
 }
 
-import_local_domain_or_subnet_list_to_ruleset() {
+import_local_domain_or_subnet_list() {
     local filepath="$1"
     local type="$2"
     local section="$3"
@@ -1050,10 +1051,13 @@ import_local_domain_or_subnet_list_to_ruleset() {
         return 0
     fi
 
-    items="$(comma_string_to_json_array "$items")"
+    items_json="$(comma_string_to_json_array "$items")"
 
     case "$type" in
-    domains) sing_box_cm_patch_local_source_ruleset_rules "$ruleset_filepath" "domain_suffix" "$items" ;;
-    subnets) sing_box_cm_patch_local_source_ruleset_rules "$ruleset_filepath" "ip_cidr" "$items" ;;
+    domains) sing_box_cm_patch_local_source_ruleset_rules "$ruleset_filepath" "domain_suffix" "$items_json" ;;
+    subnets)
+        sing_box_cm_patch_local_source_ruleset_rules "$ruleset_filepath" "ip_cidr" "$items_json"
+        nft_add_set_elements "$NFT_TABLE_NAME" "$NFT_GENERAL_SET_NAME" "$items"
+        ;;
     esac
 }
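Review bot: The new `nft_add_set_elements` call in the `subnets)` arm hands the raw comma-separated `$items` to nft with no status check, so a single entry that the `ipv4_addr` set cannot hold (an IPv6 prefix, which sing-box's `ip_cidr` rule would happily accept, or any malformed token) makes nft reject the whole batch and the list is silently missing from the set while the sing-box rule set still carries it. At minimum log the failure: `nft_add_set_elements "$NFT_TABLE_NAME" "$NFT_GENERAL_SET_NAME" "$items" || log "Failed to add subnets from $filepath to nft set $NFT_GENERAL_SET_NAME" "warn"`. Whatever validation the items receive happens above this hunk (the function body starts outside it), but since `$items` is now spliced into nftables syntax downstream, that validation needs to restrict entries to IPv4 addresses/CIDRs rather than only checking for a non-empty list. `items_json` is also a new variable assigned without `local`; if `items` is declared local further up, it should be too.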
diff --git a/podkop/files/usr/lib/constants.sh b/podkop/files/usr/lib/constants.sh
index ec744f7..1c21fa8 100644
--- a/podkop/files/usr/lib/constants.sh
+++ b/podkop/files/usr/lib/constants.sh
@@ -1,3 +1,8 @@
+## nft
+NFT_TABLE_NAME="PodkopTable"
+NFT_GENERAL_SET_NAME="podkop_subnets"
+
+## sing-box
 # Log
 SB_DEFAULT_LOG_LEVEL="warn"
 # DNS
diff --git a/podkop/files/usr/lib/nft.sh b/podkop/files/usr/lib/nft.sh
new file mode 100644
index 0000000..6efed17
--- /dev/null
+++ b/podkop/files/usr/lib/nft.sh
@@ -0,0 +1,23 @@
+# Create an nftables table in the inet family
+nft_create_table() {
+    local name="$1"
+
+    nft add table inet "$name"
+}
+
+# Create a set within a table for storing IPv4 addresses
+nft_create_ipv4_set() {
+    local table="$1"
+    local name="$2"
+
+    nft add set inet "$table" "$name" '{ type ipv4_addr; flags interval; auto-merge; }'
+}
+
+# Add one or more elements to a set
+nft_add_set_elements() {
+    local table="$1"
+    local set="$2"
+    local elements="$3"
+
+    nft add element inet "$table" "$set" "{ $elements }"
+}
\ No newline at end of file
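Review bot: `nft_add_set_elements` splices `$elements` verbatim into the nftables command text (`"{ $elements }"`), so the contents of a subnet list file are parsed with nft's own grammar: a `;` or `}` in the file would be executed as a further nft command (nft accepts several `;`-separated commands in one invocation), and an IPv6 or otherwise malformed entry makes nft reject the whole batch, with the exit status left to the caller. Since the caller added in this commit does not visibly validate the items first, the helper should refuse anything that is not digits, dots, slashes and separating commas before calling nft: `case "$elements" in *[!0-9./,]*) return 1 ;; esac`, letting nft do the remaining syntactic checks on the allowlisted characters. The header comment should also say this: `# $3 is a comma-separated list of IPv4 addresses/CIDRs; it is inserted into nft syntax, so it is character-allowlisted here`. `nft_create_table` and `nft_create_ipv4_set` are idempotent thanks to `add`, but nothing in this diff calls them, so the first `add element` relies on set creation happening elsewhere during startup — worth confirming.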