nftables ssh Could not resolve service Servname not supported
Hi,
I have my simple nftables firewall working (thanks to people who have posted).
However I have one issue, my nftables is not recognising the label 'dns' for port 53, although it is recognising labels for other ports that I have been using (e.g. ssh, http, ntp, https).
When I checked on the Internet, I find that other people are using the label 'dns'. I wonder if I am the only one having this issue?
It is not much of an issue, anyway, as it is just as easy to use numerical port numbers.
Other checks on the Internet show that some people have previously reported issues with other labels, like ssh, whereas I am not.
George.
=============================
On Debian Bookworm headless server (built this morning)
Set rules to use labels (e.g. dns) and not numerical values
# nano /etc/nftables.conf
...
oifname "enp1s0" ct state new udp dport dns accept
oifname "enp1s0" ct state new tcp dport { ssh, dns, http, ntp, https } accept
...
# systemctl restart nftables.service
Job for nftables.service failed because the control process exited with error code.
See "systemctl status nftables.service" and "journalctl -xeu nftables.service" for details.
# journalctl -xeu nftables.service
...
The process' exit code is 'exited' and its exit status is 1.
Aug 06 13:54:51 debmcfwt nft[1519]: /etc/nftables.conf:24:50-52: Error: Could not resolve service: Servname not supported for ai_socktype
Aug 06 13:54:51 debmcfwt nft[1519]: oifname "enp1s0" ct state new tcp dport { ssh, dns, http, ntp, https } accept
Aug 06 13:54:51 debmcfwt nft[1519]: ^^^
Aug 06 13:54:51 debmcfwt systemd[1]: nftables.service: Failed with result 'exit-code'.
...
Set rules to use 53 and not dns
# nano /etc/nftables.conf
...
oifname "enp1s0" ct state new udp dport 53 accept
oifname "enp1s0" ct state new tcp dport { ssh, 53, http, ntp, https } accept
...
Restarting nftables no longer causes an error report.
# systemctl restart nftables.service
#
A few web pages of different but similar or not so similar issues:
https://linux-audit.com/nftables-beginners-guide-to-traffic-filtering/
ip daddr 127.0.0.1 tcp dport {http, postgresql, ipp} accept
udp dport dns accept
tcp dport {dns, http, ntp, https, 9418} accept
Aug 06 13:46:05 debmcfwt nft[1505]: /etc/nftables.conf:24:45-47: Error: Could not resolve service: Servname not supported for ai_socktype
Aug 06 13:46:05 debmcfwt nft[1505]: oifname "enp1s0" ct state new tcp dport { dns, ssh, http, ntp, https } accept
Aug 06 13:46:05 debmcfwt nft[1505]: ^^^
Aug 06 13:46:05 debmcfwt systemd[1]: nftables.service: Main process exited, code=exited, status=1/FAILURE
https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1821654.html
root@main:~# nft -c 'table filter {chain INPUT {tcp dport ssh;};}'
Error: Could not resolve service: Servname not supported for ai_socktype
table filter {chain INPUT {tcp dport ssh;};}
^^^
https://git.netfilter.org/nftables/commit/?id=818f7dded9c9e8a89a2de98801425536180ae307
evaluate: reset ctx->set after set interval evaluation
Otherwise bogus error reports on set datatype mismatch might occur, such as:
Error: datatype mismatch, expected Internet protocol, _expression_ has type IPv4 address
meta l4proto { tcp, udp } th dport 443 dnat to 10.0.0.1
~~~~~~~~~~~~ ^^^^^^^^^^^^
with an unrelated set declaration.
============================================
# cat /etc/nftables.conf
#!/usr/sbin/nft -f
flush ruleset
table ip filter {
    chain INPUT {
        type filter hook input priority filter; policy drop;
        iifname "lo" accept
        iifname "enp1s0" ct state established,related accept
        iifname "enp1s0" ct state new tcp dport ssh accept
        iifname "enp1s0" ct state new tcp dport 25565 accept
        iifname "enp1s0" ct state new tcp dport 8123 accept
    }
    chain FORWARD {
        type filter hook forward priority filter; policy drop;
    }
    chain OUTPUT {
        type filter hook output priority filter; policy drop;
        oifname "lo" accept
        oifname "enp1s0" ct state established,related accept
        oifname "enp1s0" ct state new udp dport 53 accept
        oifname "enp1s0" ct state new tcp dport { ssh, 53, http, ntp, https } accept
        oifname "enp1s0" icmp type {echo-request} accept
    }
}
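Added note and example, not part of George's post: nft turns a service name in a dport expression into a port number by asking the system services database (getaddrinfo/getservbyname over /etc/services), and "Could not resolve service: Servname not supported for ai_socktype" is what that lookup returns when the name has no entry for the protocol the rule uses. The script below is an added Python example that parses a constructed /etc/services excerpt (modelled on Debian's netbase file, in which port 53 is listed under the name "domain" and there is no "dns" line) and reports which dport tokens of a rule would resolve, so a config can be checked before it is loaded. The helper names (parse_services, check_rule, names_for_port, live_lookup) are mine, not part of nft.

```python
import re
import socket

# Constructed excerpt in /etc/services format, modelled on Debian's netbase file.
# Port 53 is listed under the name "domain"; there is no "dns" entry, which is
# why "dns" fails while "ssh", "http", "ntp" and "https" resolve.
SERVICES_EXCERPT = """\
# Network services, Internet style (constructed excerpt, not the real file)
ssh             22/tcp
domain          53/tcp
domain          53/udp
http            80/tcp          www
ntp             123/tcp
ntp             123/udp
https           443/tcp
postgresql      5432/tcp        postgres
ipp             631/tcp
ipp             631/udp
"""

# Matches "tcp dport ssh", "udp dport 53" or "tcp dport { ssh, dns, http }".
DPORT_RE = re.compile(r"\b(tcp|udp)\s+dport\s+(\{[^}]*\}|[^\s;]+)")
NUMERIC_RE = re.compile(r"^\d+(-\d+)?$")  # single port or port range


def parse_services(text):
    """Build {(name, proto): port} from services-file text, aliases included.

    This mirrors what getservbyname() sees: a name only resolves for the
    protocols it is listed under, so "domain" is known for tcp and udp here.
    """
    table = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        fields = line.split()
        port_str, proto = fields[1].split("/", 1)
        for alias in [fields[0]] + fields[2:]:
            table[(alias, proto)] = int(port_str)
    return table


def dport_tokens(rule):
    """Return (proto, [tokens]) for the dport expression of one nft rule."""
    m = DPORT_RE.search(rule)
    if not m:
        return None, []
    proto, expr = m.group(1), m.group(2).strip("{}")
    return proto, [t.strip() for t in expr.split(",") if t.strip()]


def check_rule(rule, table):
    """Return (resolved, unresolved) for the dport tokens of an nft rule.

    Numeric ports and ranges pass through as given; names are looked up for
    the rule's own protocol, which is what nft's service resolution requires.
    """
    proto, tokens = dport_tokens(rule)
    resolved, unresolved = {}, []
    for tok in tokens:
        if NUMERIC_RE.match(tok):
            resolved[tok] = tok if "-" in tok else int(tok)
            continue
        port = table.get((tok, proto))
        if port is None:
            unresolved.append(tok)
        else:
            resolved[tok] = port
    return resolved, unresolved


def names_for_port(port, proto, table):
    """Which names the services database accepts for a port/protocol pair."""
    return sorted(n for (n, p), prt in table.items() if p == proto and prt == port)


def live_lookup(name, proto):
    """Query the running system's services database (what nft itself consults).

    Returns the port, or None when the name is unknown for that protocol.
    """
    try:
        return socket.getservbyname(name, proto)
    except OSError:
        return None


if __name__ == "__main__":
    table = parse_services(SERVICES_EXCERPT)
    rules = [
        'oifname "enp1s0" ct state new udp dport dns accept',
        'oifname "enp1s0" ct state new tcp dport { ssh, dns, http, ntp, https } accept',
        'oifname "enp1s0" ct state new tcp dport { ssh, 53, http, ntp, https } accept',
    ]
    for rule in rules:
        resolved, unresolved = check_rule(rule, table)
        print(rule)
        print("  resolved:  ", resolved)
        print("  unresolved:", unresolved or "none")
    print("names accepted for port 53/udp:", names_for_port(53, "udp", table))
    print("live lookup of 'dns'/udp on this host:", live_lookup("dns", "udp"))
```

The live_lookup() call at the end asks the real system database, so its result depends on the host's /etc/services. For the authoritative check, `nft -c -f /etc/nftables.conf` parses the file without loading it, which is the same dry run the Debian bug report above performs with `nft -c`, and it catches this class of error before `systemctl restart nftables.service` leaves the box with no ruleset loaded.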