#StackBounty: #linux #firewall #nftables Safe rule applying remoetly using NFT

Bounty: 50

If you have experience, could you please advise, how to safely apply firewall rules remotely on Linux using nft?

Particularly on Debian, we used for a long time iptables-apply(8) to safely apply remotely firewall rules to avoid lock out ourselfves in case of some mistakes in rules.

As of now, latest Debian release comes with nftables instead of iptables, and official advice is to start using new tool nft.
I known that there is wrapper that converting old style iptables rules on the fly, but everywhere it advised to not mix old style with new one, so we finally decided to switch all rules to a new (sort of pf) style, but we are still a humans and don’t want to lock ourselves out of remote servers in case of mistake in rules, so shortly, is there some procedure to do the same as iptables-apply but using nft?


Get this bounty!!!

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.