diff --git a/hosts/fw.cloonar.com/modules/firewall.nix b/hosts/fw.cloonar.com/modules/firewall.nix
index 29daf46..5b3c9ef 100644
--- a/hosts/fw.cloonar.com/modules/firewall.nix
+++ b/hosts/fw.cloonar.com/modules/firewall.nix
@@ -55,7 +55,7 @@
           }
 
           chain forward {
-            type filter hook forward priority filter; policy drop;
+            type filter hook forward priority filter; policy accept;
 
             # enable flow offloading for better throughput
             # ip protocol { tcp, udp } flow offload @f