diff --git a/roles/multi-node-firewall/README.rst b/roles/multi-node-firewall/README.rst
index c19f310dd..15c2fea48 100644
--- a/roles/multi-node-firewall/README.rst
+++ b/roles/multi-node-firewall/README.rst
@@ -1,2 +1,10 @@
-Configures the inventory private and public addresses in a multi-node job in
-iptables in order to allow traffic to and from each node without restrictions.
+Multinode firewall is configured.
+
+This role is intended to install iptables and configure firewall.
+
+**Role Variables**
+
+.. zuul:rolevar:: iptables_package
+ :default: iptables
+
+ Install the distribution package for Iptables.
diff --git a/roles/multi-node-firewall/defaults/main.yaml b/roles/multi-node-firewall/defaults/main.yaml
new file mode 100644
index 000000000..8abfee197
--- /dev/null
+++ b/roles/multi-node-firewall/defaults/main.yaml
@@ -0,0 +1,2 @@
+---
+iptables_package: "iptables"
diff --git a/roles/multi-node-firewall/tasks/main.yaml b/roles/multi-node-firewall/tasks/main.yaml
index 578fb2cd0..fc6f8eebd 100644
--- a/roles/multi-node-firewall/tasks/main.yaml
+++ b/roles/multi-node-firewall/tasks/main.yaml
@@ -1,7 +1,16 @@
-- name: Ensure iptables
+- name: Include operating system specific vars
+ include_vars: "{{ zj_distro_os }}"
+ with_first_found:
+ - "{{ ansible_distribution }}.yaml"
+ - "{{ ansible_os_family }}.yaml"
+ - "default.yaml"
+ loop_control:
+ loop_var: zj_distro_os
+
+- name: 'Ensure {{ iptables_package }}'
 become: true
 package:
- name: iptables
+ name: "{{ iptables_package }}"
 
 - name: Set up the host ip addresses
 set_fact:
diff --git a/roles/multi-node-firewall/vars/CentOS.yaml b/roles/multi-node-firewall/vars/CentOS.yaml
new file mode 100644
index 000000000..f745401d2
--- /dev/null
+++ b/roles/multi-node-firewall/vars/CentOS.yaml
@@ -0,0 +1,7 @@
+---
+iptables_package: >-
+ {% if ansible_distribution_major_version|int <= 8 -%}
+ iptables
+ {%- else -%}
+ iptables-nft
+ {%- endif %}
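Review bot: In roles/multi-node-firewall/tasks/main.yaml the new `include_vars` task sets `iptables_package` from a vars file on every run. `include_vars` ranks above role defaults and above job or inventory variables in Ansible's precedence order, so the value README.rst documents as a role variable cannot be overridden short of extra vars, and defaults/main.yaml is always shadowed by vars/default.yaml. Because the name feeds a `package` task that runs with `become: true`, the winning source should be a deliberate choice: either document the variable as derived from the distribution, or drop defaults/main.yaml and add `when: iptables_package is not defined` to the include so a job-supplied value wins. The hunk ends inside the `Set up the host ip addresses` task, so the rest of the role is not visible here.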
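Review bot: roles/multi-node-firewall/vars/CentOS.yaml is identical to vars/RedHat.yaml (both show blob f745401d2), and the `with_first_found` list in tasks/main.yaml already falls back to `{{ ansible_os_family }}.yaml`, which presumably resolves to RedHat.yaml on CentOS hosts. Keeping both files means the version threshold has to be changed in two places. Consider dropping CentOS.yaml, or add a comment such as `# keep in sync with RedHat.yaml` above `iptables_package` in each file.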
diff --git a/roles/multi-node-firewall/vars/Fedora.yaml b/roles/multi-node-firewall/vars/Fedora.yaml
new file mode 100644
index 000000000..79ccd36b2
--- /dev/null
+++ b/roles/multi-node-firewall/vars/Fedora.yaml
@@ -0,0 +1,7 @@
+---
+iptables_package: >-
+ {% if ansible_distribution_major_version|int <= 33 -%}
+ iptables
+ {%- else -%}
+ iptables-nft
+ {%- endif %}
diff --git a/roles/multi-node-firewall/vars/RedHat.yaml b/roles/multi-node-firewall/vars/RedHat.yaml
new file mode 100644
index 000000000..f745401d2
--- /dev/null
+++ b/roles/multi-node-firewall/vars/RedHat.yaml
@@ -0,0 +1,7 @@
+---
+iptables_package: >-
+ {% if ansible_distribution_major_version|int <= 8 -%}
+ iptables
+ {%- else -%}
+ iptables-nft
+ {%- endif %}
diff --git a/roles/multi-node-firewall/vars/default.yaml b/roles/multi-node-firewall/vars/default.yaml
new file mode 100644
index 000000000..8abfee197
--- /dev/null
+++ b/roles/multi-node-firewall/vars/default.yaml
@@ -0,0 +1,2 @@
+---
+iptables_package: "iptables"
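Review bot: In roles/multi-node-firewall/vars/Fedora.yaml the `|int` filter returns 0 when `ansible_distribution_major_version` is not numeric, so such a host would silently take the `<= 33` branch and install `iptables`. The same applies to the `<= 8` test in vars/CentOS.yaml and vars/RedHat.yaml. Whether any supported image reports a non-numeric value is not visible from this diff. A comment above the `iptables_package` key, e.g. `# non-numeric versions cast to 0 and select the legacy iptables package`, would make that fallback explicit for whoever next adjusts the thresholds.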