diff --git a/hosts/fw.cloonar.com/modules/firewall.nix b/hosts/fw.cloonar.com/modules/firewall.nix
index f03ba91..33b4942 100644
--- a/hosts/fw.cloonar.com/modules/firewall.nix
+++ b/hosts/fw.cloonar.com/modules/firewall.nix
@@ -69,12 +69,13 @@
 
             # lan and vpn to any
             # TODO: disable wan when finished
-            iifname { "wan", "lan", "wg_cloonar" } oifname { "lan", "server", "multimedia", "smart", "wrwks", "wg_cloonar", "wg_epicenter", "wg_ghetto_at" } counter accept
+            iifname { "wan", "lan", "wg_cloonar" } oifname { "lan", "server", "podman0", "multimedia", "smart", "wrwks", "wg_cloonar", "wg_epicenter", "wg_ghetto_at" } counter accept
 
             # Allow trusted network WAN access
             iifname {
               "lan",
               "server",
+              "podman0",
               "multimedia",
               "smart",
               "wg_cloonar",
@@ -88,6 +89,7 @@
             } oifname {
               "lan",
               "server",
+              "podman0",
               "multimedia",
               "smart",
               "wg_cloonar",