Firewall rule changes on the IC

position isn’t just where the rule is stored in the vector – it represents the rule’s actual priority.

These are translated into nftables (or iptables) using the same order, and Linux firewalls use the first match (such that later rules are not evaluated).

In any case, even if there weren’t a priority attached to position (though there is 🙂), it would still be the case that updates at a specific position would overwrite whatever is already there (so it’s important to verify what currently resides at that location when reviewing a proposal of this sort).

@ZackDS, you seemed to be fairly confident in your post. Can I ask how you verified the correctness of the firewall position?

@pietrodimarco, when you submitted this proposal, how did you ascertain that position 2 should be used? This will help with identifying other approaches that reviewers can use. Thanks.
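As an added illustration (not part of this post or of the IC codebase), a small Python check of the two points above: ordered first-match evaluation, and what an "update at position N" proposal would overwrite or shadow. The rule fields (prefix, ports, action) are a simplified assumption, not the exact IC firewall rule type, and the rule vector is constructed sample data.

```python
# Added example: reviewer-side check for an ordered, first-match firewall rule
# vector. Rule shape is an assumed simplification of the real IC rule type.
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    prefix: str   # CIDR source prefix, e.g. "10.0.0.0/8"
    ports: tuple  # ports this rule covers
    action: str   # "ALLOW" or "REJECT"


def first_match(rules, src_ip, port):
    """Evaluate like nftables/iptables: walk in order, first match wins."""
    ip = ipaddress.ip_address(src_ip)
    for idx, r in enumerate(rules):
        if ip in ipaddress.ip_network(r.prefix) and port in r.ports:
            return idx, r.action
    return None, "DEFAULT"  # nothing matched; the chain policy applies


def preview_update(rules, position, new_rule):
    """Return (rule overwritten at `position`, later positions it shadows).

    A later rule is shadowed when the new rule covers its whole prefix on all
    of its ports, so it can never be reached again under first-match.
    """
    overwritten = rules[position] if position < len(rules) else None
    new_net = ipaddress.ip_network(new_rule.prefix)
    shadowed = []
    for idx in range(position + 1, len(rules)):
        later_net = ipaddress.ip_network(rules[idx].prefix)
        if (later_net.version == new_net.version
                and later_net.subnet_of(new_net)
                and set(rules[idx].ports) <= set(new_rule.ports)):
            shadowed.append(idx)
    return overwritten, shadowed


# Constructed sample vector (not a real IC configuration).
CURRENT = [
    Rule("192.0.2.0/24", (8080,), "ALLOW"),
    Rule("198.51.100.0/24", (22,), "ALLOW"),
    Rule("203.0.113.0/24", (8080,), "ALLOW"),
    Rule("0.0.0.0/0", (8080, 22), "REJECT"),
]
# Hypothetical proposal: place a catch-all REJECT at position 2.
PROPOSED = Rule("0.0.0.0/0", (8080, 22), "REJECT")

if __name__ == "__main__":
    print("overwrites / shadows:", preview_update(CURRENT, 2, PROPOSED))
    after = CURRENT[:2] + [PROPOSED] + CURRENT[3:]
    print("203.0.113.5:8080 before:", first_match(CURRENT, "203.0.113.5", 8080))
    print("203.0.113.5:8080 after: ", first_match(after, "203.0.113.5", 8080))
```

Running it shows the proposal silently replaces the 203.0.113.0/24 ALLOW and makes the existing position-3 REJECT unreachable, which is exactly what a reviewer should confirm before voting.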