diff --git a/hosts/carbon/ppp-ncfttb.nix b/hosts/carbon/ppp-ncfttb.nix
index 14ede68..38d882c 100644
--- a/hosts/carbon/ppp-ncfttb.nix
+++ b/hosts/carbon/ppp-ncfttb.nix
@@ -60,4 +60,10 @@
     ip46tables -t mangle -A forward-mangle -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
   '';
 
+  networking.firewall.extraCommands = ''
+    # Reject all IPv4 traffic that tries to enter and leave the PPP tunnel
+    iptables -I INPUT -i ppp-ncfttb -j DROP
+    iptables -I OUTPUT -o ppp-ncfttb -j DROP
+  '';
+
 }
diff --git a/hosts/krypton/android.nix b/hosts/krypton/android.nix
deleted file mode 100644
index 3a1d5f5..0000000
--- a/hosts/krypton/android.nix
+++ /dev/null
@@ -1,9 +0,0 @@
-{ pkgs, ... }:
-
-{
-
-  services.udev.packages = [
-    pkgs.android-udev-rules
-  ];
-
-}
diff --git a/hosts/krypton/configuration.nix b/hosts/krypton/configuration.nix
index 2881e1b..7e56bbd 100644
--- a/hosts/krypton/configuration.nix
+++ b/hosts/krypton/configuration.nix
@@ -5,7 +5,6 @@
     [
       ./hardware-configuration.nix
 
-      ./android.nix
       ./backup.nix
       ./etesync-dav.nix
       #./initrd.nix
diff --git a/profiles/desktop/fonts.nix b/profiles/desktop/fonts.nix
index 0563dcc..b2281f3 100644
--- a/profiles/desktop/fonts.nix
+++ b/profiles/desktop/fonts.nix
@@ -11,7 +11,7 @@ with lib;
       roboto
       roboto-mono
       noto-fonts
-      noto-fonts-emoji
+      noto-fonts-color-emoji
       comfortaa
     ] ++ (if pkgs ? "noto-fonts-cjk-sans" then [ pkgs.noto-fonts-cjk-sans ] else [ pkgs.noto-fonts-cjk ]);
 
diff --git a/profiles/desktop/power.nix b/profiles/desktop/power.nix
index e7fca11..d18e485 100644
--- a/profiles/desktop/power.nix
+++ b/profiles/desktop/power.nix
@@ -8,7 +8,7 @@ with lib;
 
     boot.resumeDevice = lib.optionalString ((lib.length config.swapDevices) > 0) (lib.head config.swapDevices).device;
     services.logind = {
-      lidSwitch = "suspend-then-hibernate";
+      settings.Login.HandleLidSwitch = "suspend-then-hibernate";
     };
     systemd.sleep.extraConfig = ''
       HibernateDelaySec=30m
diff --git a/profiles/firefox/default.nix b/profiles/firefox/default.nix
index 424b1bc..1d91005 100644
--- a/profiles/firefox/default.nix
+++ b/profiles/firefox/default.nix
@@ -12,8 +12,6 @@ with lib;
 
     programs.firefox.enable = true;
 
-    programs.firefox.package = pkgs.firefox-wayland;
-
     programs.firefox.policies = {
       AutofillAddressEnabled = false;
       AutofillCreditCardEnabled = false;
diff --git a/profiles/router/default.nix b/profiles/router/default.nix
index 11a7a51..bc76a01 100644
--- a/profiles/router/default.nix
+++ b/profiles/router/default.nix
@@ -11,8 +11,10 @@ with lib;
   config = mkIf config.profiles.clerie.router.enable {
 
     environment.systemPackages = with pkgs; [
-      wireguard-tools
+      conntrack-tools
+      iptstate # show conntrack table
       tcpdump
+      wireguard-tools
     ];
   
     boot.kernel.sysctl = {