#StackBounty: #linux #firewall #nftables Safe rule applying remotely using NFT

Bounty: 50

If you have experience, could you please advise how to safely apply firewall rules remotely on Linux using NFT?

Particularly on Debian, we used iptables-apply(8) for a long time to safely apply firewall rules remotely, to avoid locking ourselves out in case of mistakes in the rules.
As of now, the latest Debian release comes with nftables instead of iptables, and the official advice is to start using the new tool, nft.
I know that there is a wrapper that converts old-style iptables rules on the fly, but everywhere it is advised not to mix the old style with the new one, so we finally decided to switch all rules to the new (pf kinda) style. But we are still humans and don’t want to lock ourselves out of remote servers in case of a mistake in the rules, so, in short, is there some procedure to do the same as iptables-apply but using nft?

For some reason, Google and Bing are either keeping it a secret or I spent 6 hours today using the wrong search keywords, so I would appreciate it in advance if someone could show the road to the truth.
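One way to get the iptables-apply workflow (apply, wait for confirmation, roll back on silence) with nft, as an added example that is not part of the original question. The function names, the `TIMEOUT` default and the script name `nft-apply.sh` are assumptions made for illustration.

```bash
#!/bin/bash
# Added example: "apply, confirm, or roll back" for nftables rules.
NFT=${NFT:-nft}          # nft binary (overridable, e.g. for a dry test)
TIMEOUT=${TIMEOUT:-30}   # assumed default: seconds to wait for confirmation

# Default confirmation: the operator must type "yes" within TIMEOUT seconds,
# ideally after opening a second SSH session to prove new logins still work.
confirm_prompt() {
    printf 'Applied. Open a NEW session, then type "yes" within %ss: ' "$TIMEOUT"
    read -r -t "$TIMEOUT" answer || return 1   # timeout or dead terminal
    [ "$answer" = "yes" ]
}

# nft_apply RULES_FILE [CONFIRM_COMMAND]
# Returns 0 = new rules kept, 1 = nothing changed, 2 = rolled back.
nft_apply() {
    new=$1
    confirm=${2:-confirm_prompt}
    backup=$(mktemp) || return 1
    trap '' HUP   # a dropped SSH session must not kill us before the rollback

    # 1. Dry run: -c parses and validates the file without loading it.
    if ! "$NFT" -c -f "$new"; then rm -f "$backup"; return 1; fi

    # 2. Snapshot the live ruleset; the leading "flush ruleset" makes the
    #    restore replace whatever is loaded instead of adding to it.
    if ! { echo 'flush ruleset'; "$NFT" list ruleset; } > "$backup"; then
        rm -f "$backup"; return 1
    fi

    # 3. Load the new file. nft -f applies a file as one transaction, so a
    #    failed load leaves the old rules in place.
    if ! "$NFT" -f "$new"; then rm -f "$backup"; return 1; fi

    # 4. Keep the rules only on explicit confirmation; otherwise restore.
    if "$confirm"; then rm -f "$backup"; return 0; fi
    # Keep the snapshot on disk if the restore itself fails.
    "$NFT" -f "$backup" && rm -f "$backup"
    return 2
}

# Run only when called with arguments: ./nft-apply.sh /etc/nftables.conf
if [ "$#" -gt 0 ]; then nft_apply "$@"; fi
```

The rules file is assumed to start with `flush ruleset`, so that loading it replaces the active rules rather than appending to them.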

