
RE: is nft running? how do I get info?



Hi Anssi,

>> There is nothing in the journal about nft 
>> linbookwormtest:~#journalctl -t nft
>> -- Journal begins at Mon 2023-03-27 13:07:50 CEST, ends at Mon 
>> 2023-04-24 12:18:07 CEST. --
>> -- No entries --

> Debian's nftables package includes a systemd service to run nftables. You might want to run systemctl status nftables first and then enable and start the service.
Unfortunately nft is not a service. Trying the service command with nft gives an error.
linbookwormtest:~# service nft status
Unit nft.service could not be found.
linbookwormtest:~#

Also trying command completion with the nft, or even nf, shows no results. Using just the n for completion gives just the networking service.

> I wonder how you used iptables? I always used a script for that but I had to run it too for changes...
I always had a script too. I had it hooked in /etc/network/interfaces via either a pre-up or post-up rule depending if there was a fixed ip or a dhcp line in the interfaces file.

A default Debian install has an executable /etc/nftables.conf file. If nothing is looking at that file then what is the "normal" way to start the firewall?
Do I hook it up via one of the old /etc/init.d/ scripts? Do I create a script in one of the /etc/rc?.d/ directories?
I am pretty sure they don't expect every novice to start writing systemd service files? I don't even know where they are, I never touch them, too much can go wrong by not understanding how it all connects.
If I install dhcp it comes with default config files. If I change them then THAT config gets loaded.

If Debian does NOTHING with that nft config file then why is it there?
Is this a bug? 

Bonno Bloksma

