diff --git a/bundles/nftables/files/nftables.conf b/bundles/nftables/files/nftables.conf
index 96497ed..92d59ba 100644
--- a/bundles/nftables/files/nftables.conf
+++ b/bundles/nftables/files/nftables.conf
@@ -6,60 +6,47 @@ table inet filter {
 # INPUT
- chain input {
- type filter hook input priority 0;
- policy drop;
+ chain input {
+ type filter hook input priority 0
+ policy drop
- # Allow traffic from established and related packets, drop invalid
- ct state vmap { established : accept, related : accept, invalid : drop }
-
- # Allow loopback traffic.
+ # allow loopback
 iifname lo accept
-
- # accepting ping (icmp-echo-request) for diagnostic purposes.
- icmp type echo-request limit rate 5/second accept
+ # allow established
+ ct state vmap { established : accept, related : accept, invalid : drop }
+ # allow ping
+ icmp type echo-request accept
+ icmpv6 type echo-request accept
+ # allow neighbour discovery
 icmpv6 type { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert } accept
- # Jump to chain according to layer 3 protocol using a verdict map
- meta protocol vmap { ip : jump inbound_ipv4, ip6 : jump inbound_ipv6 }
-
- #rules
+ # rules
 % for rule in sorted(input):
 ${rule}
 % endfor
- }
-
- chain inbound_ipv4 {
- # accepting ping (icmp-echo-request) for diagnostic purposes.
- icmp type echo-request limit rate 5/second accept
- }
-
- chain inbound_ipv6 {
- # accept neighbour discovery otherwise connectivity breaks
- icmpv6 type { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert } accept
-
- # accepting ping (icmpv6-echo-request) for diagnostic purposes.
- icmpv6 type echo-request limit rate 5/second accept
 }
 # FORWARD
- chain forward {
- type filter hook forward priority 0;
+ chain forward {
+ type filter hook forward priority 0
+ policy accept
- #rules
+ # rules
 % for rule in sorted(forward):
 ${rule}
 % endfor
- }
+ }
 # OUTPUT
- chain output {
- type filter hook output priority 0;
+ chain output {
+ type filter hook output priority 0
+ policy accept
+ # rules
 % for rule in sorted(output):
 ${rule}
 % endfor
- }
+ }
 }
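Review bot: The `limit rate 5/second` that the old input, inbound_ipv4 and inbound_ipv6 chains applied to echo-request is gone from the new `icmp type echo-request accept` and `icmpv6 type echo-request accept` lines, so the consolidated input chain now accepts ping traffic without any rate bound. If that is not intentional, keep the limiter on both rules: `icmp type echo-request limit rate 5/second accept` and `icmpv6 type echo-request limit rate 5/second accept`, and carry over the old "for diagnostic purposes" remark so the next reader knows why the hole exists. The `# allow established` comment also undersells the `ct state vmap` beneath it, which accepts related and drops invalid as well; `# allow established/related, drop invalid` would describe what the line does. The enclosing `table inet filter {` opens before the hunk's first line.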