I’m coming from Debian and I’m used to configure a basic firewall with nftables, but apparently OpenSuse has got its own firewall.
So I was wondering the following:
which packet filter framework does the YaST firewall use -> iptables or nftables?
what are the default settings → block all incoming, allow all outgoing, …?
BTW, firewalld 0.6.0 onwards uses nftables as the default backend, and openSUSE Leap 15.2 is using firewalld 0.5.5, so one would need to upgrade it in order to support nftables.
Just 1 more question, if I were to upgrade firewalld, what would be the best/safest way to do this? Through OBS?
Yes, you can. The security:netfilter repo offers version 0.9.0 currently… https://software.opensuse.org/package/firewalld
*Refer 'Show experimental packages for the appropriate openSUSE release
Yes, that’s not really a good description of the packages offered by that repo IMHO. The openSUSE Leap releases are characterised by a stable release built with a frozen set of packages following a reasonable level testing involving the community as well. In general, a given release gets updated with security and bugfix updates only. However, sometimes users will have need for requiring particular a software version, and can subscribe to the appropriate repo(s) for this.