Is it safe to assume that Devuan will follow that (it appears to be the default install too) ?

I think beowulf already defaults to the nftables backend as per https://www.debian.org/releases/stable/ … l#nftables

I do not agree with that at all. The nftables syntax looks *much* easier to understand IMO but I am pretty ignorant when it comes to firewalls so my opinion is probably moot.

I presume you've seen the nftables wiki? See also https://wiki.debian.org/nftables & https://wiki.archlinux.org/index.php/Nftables

The nftables package provides a few examples under /usr/share/doc/ and also has a sysvinit script that can be used in Devuan but it needs correcting:

https://dev1galaxy.org/viewtopic.php?id=2889

It appears iptables is on the road to deprecation in the Debian repos and that nftables is the recommended replacement for maintaining a firewall on a machine. Is it safe to assume that Devuan will follow that (it appears to be the default install too) ?

I've never really poked at the firewalls on Linux until recently and a brief look at the syntax and documentation suggests the iptables rules are easier to read and that there is more documentation on them. However , while i can see the point in learning that, my time is limited and I'm looking for a clear guide to the syntax and some examples of nftables. I've been looking on the netfilter site and various other searches and I've gone a bit cross eyed. Any suggestions on where i might be advised to start learning from?. I dont want to lock myself out of the remote machine so will need SSH open at the minimum.