Install the ufw
iptables-nft
wrapper with:
# pacman -Sy ufw
Enable and start it with:
# systemctl enable ufw
# systemctl start ufw
Configure it. By default, block all incoming connections and allow all outgoing. This is what you typically want:
# ufw default allow outgoing
# ufw default deny incoming
# ufw reload
Done!