diff --git a/config/etc/nftables.conf b/config/etc/nftables.conf
index 2fc90ff..f7bb70e 100644
--- a/config/etc/nftables.conf
+++ b/config/etc/nftables.conf
@@ -2,36 +2,36 @@ flush ruleset
-table inet filter {
+table ip filter {
 chain input {
 type filter hook input priority 0; policy drop;
 # allow already established connections (e.g. initiated by this host)
- add rule ip filter INPUT ct state related,established counter accept
+ ct state related,established counter accept
 # allow ICMP
- add rule ip filter INPUT ip protocol icmp counter accept
+ ip protocol icmp counter accept
 # allow anything on localhost
- add rule ip filter INPUT iifname "lo" counter accept
+ iifname "lo" counter accept
 # allow SSH for remote management
- add rule ip filter INPUT tcp dport 22 counter accept
+ tcp dport 22 counter accept
 ## docker
 # cluster management communications
- add rule ip filter INPUT tcp dport 2377 counter accept
+ tcp dport 2377 counter accept
 # communication among nodes
- add rule ip filter INPUT tcp dport 7946 counter accept
- add rule ip filter INPUT udp dport 7946 counter accept
+ tcp dport 7946 counter accept
+ udp dport 7946 counter accept
 # overlay network traffic
- add rule ip filter INPUT udp dport 4789 counter accept
+ udp dport 4789 counter accept
 }
 chain forward {
 type filter hook forward priority 0;