This request is for netavark to implement something that achieves what the DOCKER and DOCKER-USER chains achieve in iptables /nft (https://docs.docker.com/network/iptables/). Essentially placing all netavark rules in a chain and having a user chain with a high priority or order, allow users to permit/dent external IP's into the server and service.

It would be good, if this would be available for firewalld/nftbales, too.