Comment 0 for bug 1936902

The new nftables
  https://launchpad.net/ubuntu/+source/nftables/0.9.8-3
is stuck in proposed since it fails autopkgtest of firewalld
  https://autopkgtest.ubuntu.com/packages/f/firewalld/impish/amd64
  https://autopkgtest.ubuntu.com/results/autopkgtest-impish/impish/amd64/f/firewalld/20210510_135128_36f9c@/log.gz
  https://autopkgtest.ubuntu.com/packages/f/firewalld/impish/s390x
  https://autopkgtest.ubuntu.com/results/autopkgtest-impish/impish/s390x/f/firewalld/20210510_131115_faeb7@/log.gz

It fails the same way across architectures in:
## ------------------------ ##
## Summary of the failures. ##
## ------------------------ ##
Failed tests:
firewalld 0.9.3 test suite test groups:

 NUM: FILE-NAME:LINE TEST-GROUP-NAME
      KEYWORDS

  97: icmp_block_in_forward_chain.at:1 ICMP block present FORWARD chain
      nftables icmp
 124: rhbz1855140.at:1 rich rule icmptypes with one family
      nftables rich icmp rhbz1855140

The upstream issue tracker
  https://github.com/firewalld/firewalld/issues?q=is%3Aissue+is%3Aopen
does not list those cases, but there is a new v9.4.0 that we might try.

In Debian this isn't showing up
  https://ci.debian.net/packages/f/firewalld/
Because they are all Skipped for not having machine level isolation
  https://ci.debian.net/data/autopkgtest/testing/amd64/f/firewalld/13738304/log.gz

Furthermore it is yet unclear if this is locally reproducible.