These days iptables is a legacy interface implemented on top of nftables. And nftables does provide atomic rule replacement: https://wiki.nftables.org/wiki-nftables/index.php/Atomic_rul...
So you would have a file with something like:
    table inet filter {
        chain input {
            tcp dport 8080 accept
        }
    }
Then you would atomically apply it with:
    $ nft -f input_file
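A fuller ruleset file for the atomic replacement described above, as an added example that is not part of the original comment. The `flush ruleset` line, the base-chain hook, the drop policy and the conntrack and loopback rules are assumptions added for illustration; only the port 8080 rule comes from the comment.

```nftables
# Constructed example ruleset for use with: nft -f input_file
#
# nft applies the whole file as one transaction: either every command
# below takes effect, or (on any error) none of them does.

# Without this line, loading the file again appends the rules to the
# existing chain instead of replacing them. With it, the old ruleset is
# dropped and the new one installed in the same transaction, so there is
# no moment at which the host runs with an empty or half-loaded ruleset.
flush ruleset

table inet filter {
    chain input {
        # Base chain attached to the input hook; unmatched packets are dropped.
        type filter hook input priority 0; policy drop;

        # Keep replies to existing connections and local traffic working.
        ct state established,related accept
        iif "lo" accept

        # The rule from the comment above.
        tcp dport 8080 accept
    }
}
```

Running `nft -c -f input_file` first parses and validates the file without changing the live ruleset.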