Got to look into the world of firewalls, long time since I used one, which back then was arno I used.
Firewalls on Linux seem to be a thin layer on top of iptapbles or nftables. They all manipulate rules and try to make it easier for the user/admin to configure. But in the end it's whatever teh underlying itables or nftables does, that is the truth.
My usecase was a bit special: I wanted to see if a local machine behind a NAT witrunningh wireguard as a client, could be used as a web server on the Internet. Turns out it can, but it felt prudent to put an additional firewall on teh server itself, since there did not seems