
Changing legacy iptables/nft

Daniel Gray <dng@disroot.org>
Message ID
<20210515133248.txheslwbqlzxzecn@disroot.org>
DKIM signature
missing
Hi,

I'm wondering if it's possible to change iptables family of commands to
point to the iptables-nft* versions instead.

Currently looking at Docker which seems to put iptables rules in the
legacy tables. Docker seems to just use iptables
https://docs.docker.com/network/iptables/ and the recommended solution
seems to be to do something like:

sudo update-alternatives --set iptables /usr/sbin/iptables-legacy
sudo update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy

However this is only for Debian based distributions.

I thought about wiping the table and using nftables (what I prefer) but
the only issue with that is I would have to manually update it as this
person points out.
https://gist.github.com/goll/bdd6b43c2023f82d15729e9b0067de60#gistcomment-3738515

I also found that it interferes with LXD and KVM
https://discuss.linuxcontainers.org/t/lxd-and-docker-firewall-redux-how-to-deal-with-forward-policy-set-to-drop/9953/7
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865975

In theory if there was a nice way to make Alpine Linux use the
iptables-nft* variants by default, then I should be able to continue to
use nftables as usual for my manually created rules.

-- 
Daniel Gray (dng) 0x41911F722B0F9AE3
https://social.privacytools.io/@dngray
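The situation the post describes (Docker writing to the legacy xtables backend while hand-written rules live in nf_tables) is easy to detect on a host before it causes surprises. The script below is an added example, not code from the post or from Alpine; it assumes iptables 1.8+ binaries (`iptables-legacy`, `iptables-nft`) are in PATH and that `report_live` is run as root. The two helpers are pure so they can be checked against constructed sample output.

```sh
#!/bin/sh
# Added example: report which backend each iptables-family binary uses and
# flag hosts where both the legacy and the nf_tables rulesets carry rules.

# Pure helper: classify one line of `iptables -V` output.
# iptables 1.8+ prints e.g. "iptables v1.8.7 (nf_tables)" or "... (legacy)".
iptables_backend() {
  case "$1" in
    *"(nf_tables)"*) echo nf_tables ;;
    *"(legacy)"*)    echo legacy ;;
    *)               echo unknown ;;
  esac
}

# Pure helper: count non-default entries in `iptables -S` output.
# A pristine table prints only "-P CHAIN POLICY" lines; any "-A" rule or
# "-N" user chain (e.g. Docker's DOCKER chain) means the table is in use.
count_rules() {
  printf '%s\n' "$1" | grep -c -v -e '^-P ' -e '^$' || true
}

# Live check: needs root and the iptables-legacy/iptables-nft binaries.
# Exits non-zero when both backends are populated, because packets then
# traverse both rulesets and a DROP policy in either one wins.
report_live() {
  for cmd in iptables ip6tables; do
    if command -v "$cmd" >/dev/null 2>&1; then
      printf '%s -> %s\n' "$cmd" "$(iptables_backend "$("$cmd" -V 2>/dev/null)")"
    fi
  done
  legacy_n=$(count_rules "$(iptables-legacy -S 2>/dev/null)")
  nft_n=$(count_rules "$(iptables-nft -S 2>/dev/null)")
  printf 'legacy rules: %s, nf_tables rules: %s\n' "$legacy_n" "$nft_n"
  if [ "$legacy_n" -gt 0 ] && [ "$nft_n" -gt 0 ]; then
    echo "WARNING: both backends carry rules; fix before trusting either" >&2
    return 1
  fi
  return 0
}

# Only touch the live system when explicitly asked (./check.sh --live).
if [ "${1:-}" = "--live" ]; then
  report_live
fi
```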