Ubuntu 21.10 switched to nftables, so why is iptables still available?
Solution 1:
After your whereis iptables command, you should follow the files. Example, from a 20.04 server:
doug@s19:~$ whereis iptables
iptables: /usr/sbin/iptables /usr/share/iptables /usr/share/man/man8/iptables.8.gz
doug@s19:~$ ls -l /usr/sbin/iptables
lrwxrwxrwx 1 root root 26 Jan 23 2020 /usr/sbin/iptables -> /etc/alternatives/iptables
doug@s19:~$ ls -l /etc/alternatives/iptables
lrwxrwxrwx 1 root root 22 Apr 18 2021 /etc/alternatives/iptables -> /usr/sbin/iptables-nft
doug@s19:~$ ls -l /usr/sbin/iptables-nft
lrwxrwxrwx 1 root root 17 Feb 28 2020 /usr/sbin/iptables-nft -> xtables-nft-multi
doug@s19:~$ ls -l /usr/sbin/xtables-nft-multi
-rwxr-xr-x 1 root root 220488 Feb 28 2020 /usr/sbin/xtables-nft-multi
So, iptables is actually using nftables.
nftables can interpret iptables syntax.
Solution 2:
I don't have all the answers to your questions but I do have some of them.
UFW is a firewall abstraction layer that can use either iptables or nftables as the back-end firewall. It's just Ubuntu's handy helper, much like Firewalld + firewall-cmd are for Red Hat variants.
A fresh server installation of Ubuntu 21.10 Server shows exactly what you are seeing - that in fact the back-end is still using iptables on a standard server installation.
xtables-nft-multi (or simply xtables-multi)'s manpage shows an explanation:
xtables-nft are versions of iptables that use the nftables API. This is a set of tools to help the system administrator migrate the ruleset from iptables(8), ip6tables(8), arptables(8), and ebtables(8) to nftables(8).
So far as I can tell, you are correct that while Ubuntu seems to be moving toward nftables as a replacement for iptables, they aren't there yet.
The nice thing though, is that if you've been using UFW all this time, nothing will change from a management perspective since both iptables and nftables seem to be interchangeable, since nft will accept iptables syntax, even if you have funky rules in /etc/ufw/before.rules for example.