Is there any plan to migrate to nftables, possibly with firewalld? Maybe from Turris 6.0? It is a lot easier to manage policies, zones, chains, etc. That's what I have on my Debian box.
What I like the most about firewalld is that it takes just 1 cmd/click to switch the desired interface to one of the predefined zones (home, public, dmz, custom ones, etc.), even on the fly without making it persistent.
Additionally, as far as I know, iptables is already deprecated.