nftables is the biggest change to the Linux firewalling subsystem in more than a decade.
It promises simpler rulesets, one set of rules for both IPv4 and IPv6 (the "inet" table family) and better performance than iptables, and it keeps backward compatibility with existing iptables rules through the iptables-nft compatibility layer and the iptables-translate tools. There may be benefits to switching but also reasons not to: if it ain't broke, don't fix it. Nonetheless it's some food for thought.
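To make the IPv4/IPv6 unification claim concrete, here is a minimal stateful host firewall written as one nftables ruleset. This is an added example, not code from the original page; the management address ranges and the open ports are assumptions chosen for illustration. Everything lives in a single "inet" table, so one rule covers both address families, and the only family-specific lines are the ICMP ones, because ICMPv6 carries neighbour discovery and must not be dropped wholesale.

```nft
#!/usr/sbin/nft -f
# Added example ruleset, not from the original page.
# Addresses (192.0.2.0/24, 2001:db8::/32) and ports are assumed for illustration.
flush ruleset

table inet filter {
    chain input {
        type filter hook input priority 0; policy drop;

        # Loopback and already-tracked connections, for IPv4 and IPv6 alike
        iifname "lo" accept
        ct state established,related accept
        ct state invalid drop

        # ICMP is the one place the families differ: keep the control
        # messages that path MTU discovery and neighbour discovery rely on
        icmp type { echo-request, destination-unreachable, time-exceeded } accept
        icmpv6 type { echo-request, destination-unreachable, packet-too-big,
                      time-exceeded, nd-neighbor-solicit, nd-neighbor-advert,
                      nd-router-advert } accept

        # SSH only from the assumed administrative ranges
        tcp dport 22 ip saddr 192.0.2.0/24 accept
        tcp dport 22 ip6 saddr 2001:db8::/32 accept

        # One rule opens the web ports for both address families
        tcp dport { 80, 443 } accept

        # Rate-limited log of what the drop policy is about to discard
        limit rate 5/minute log prefix "nft-input-drop: "
    }

    chain forward {
        type filter hook forward priority 0; policy drop;
    }

    chain output {
        type filter hook output priority 0; policy accept;
    }
}
```

Save it as /etc/nftables.conf, load it with `nft -f /etc/nftables.conf` and confirm the result with `nft list ruleset`. For the backward-compatibility side, `iptables-translate -A INPUT -p tcp --dport 22 -j ACCEPT` prints the equivalent nft command for a single rule, and `iptables-restore-translate -f saved.rules` converts a whole iptables-save dump, which is a reasonable starting point before collapsing the separate v4 and v6 rules into one inet table by hand.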
Supported in kernels 3.13 and newer, and packaged in Debian from Jessie onwards; since Buster the stock iptables command is itself the nftables-backed variant.