diff --git a/services/firewall/rules.nft b/services/firewall/rules.nft
index a411d70..2fe3583 100644
--- a/services/firewall/rules.nft
+++ b/services/firewall/rules.nft
@@ -53,7 +53,7 @@ table inet firewall {
 type filter hook input priority 0; policy drop;
 ct state invalid drop # early drop of invalid packets
- ct state { established, related } accept # allow established/related connections
+ ct state { established, related } accept # allow established/related connections
 iif lo accept # allow traffic from loopback interface
@@ -97,6 +97,9 @@ table inet firewall {
 iifname $vpn ip daddr $lan_net drop # Block all other VPN clients from accessing the LAN network
 iifname $vpn oifname $wan accept # Allow VPN traffic to access WAN
+
+ iifname "podman*" accept # allow traffic from podman interfaces (podman0, podman1, ...)
+ oifname "podman*" accept # allow traffic to podman interfaces (podman0, podman1, ...)
 }
 chain outgoing {
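Review bot: `oifname "podman*" accept` at the end of the second hunk accepts forwarded traffic into the container networks from any ingress interface, including `$vpn` and `$wan`, so for the podman interfaces it undoes the `iifname $vpn ip daddr $lan_net drop` restriction two lines above and lets anything the host routes toward those networks reach a container's unpublished ports. Unless every container port is meant to be reachable from everywhere, narrow it to reply and DNAT traffic, e.g. `oifname "podman*" ct state { established, related } accept` and, if published ports are DNATed on this host, `oifname "podman*" ct status dnat accept`. `iifname "podman*" accept` likewise gives containers unrestricted forwarding into `$lan_net` and `$vpn`; if they should be confined the way VPN clients are, precede it with `iifname "podman*" ip daddr $lan_net drop`, or replace it with `iifname "podman*" oifname $wan accept`. The chain these rules belong to begins outside the hunk, so I cannot see whether a chain-wide established/related rule already covers the return direction; the comments on the new lines should also say what trust level the container networks are meant to have rather than only naming the interfaces.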