Symptoms
On Ubuntu 22.04 template installed in the CT (with iptables v1.8.7 (nf_tables)), the iptables-nft-restore command might lead to the errors like "Device or resource is busy" from the dump successfully created in the recent past:
the errors might arise during restoring the chains using iptables-nft-restore tool. Restoring IPv6 rules might produce the similar error:
ip6tables v1.8.7 (nf_tables): CHAIN_ADD failed (Device or resource busy): chain PREROUTING
Cause
The situation has been investigated within the internal product request #PSBM-140151. iptables-nft-restore is a part of nft toolset for Ubuntu-22.04 template might work for certain workload, but still might have issues like mentioned above. The explanation is that iptables-nft tools work differently in Ubuntu 20.04 and 22.04 in restoration of iptables rules.
Resolution
Consider using "legacy" iptables as alternative inside of VZ7 Containers based on Ubuntu-22.04. Please avoid using iptables-nft command since it might have issues like described. Permanently for a container, it is possible to set legacy command to be invoked by default, updating alternatives for iptables-restore to point to the legacy tool, iptables-legacy-restore, by switching iptables to legacy mode, using the command update-alternatives --config iptables.