Foomuuri is ALMOST there.

I mean there are some payload over payload like GRE VPE/VXLAN/VLAN or IPSec that needs to be written in raw nft if using Foomuuni but it works!.

But I love the Shorewall approach and your configuration gracefully encapsulated Shorewall mechanic.

Disclaimer: I maintain vim-syntax-nftables syntax highlighter repo at Github.