diff --git a/hosts/carbon/configuration.nix b/hosts/carbon/configuration.nix
index 27d7041..e36b1c3 100644
--- a/hosts/carbon/configuration.nix
+++ b/hosts/carbon/configuration.nix
@@ -115,6 +115,13 @@
 
   networking.firewall.allowedUDPPorts = [ 60001 ];
 
+  networking.firewwall.extraCommands = [
+    "iptables -A FORWARD -i enp1s0.202 -o enp1s0.102 -j ACCEPT"
+    "iptables -A FORWARD -i enp1s0.202 -j DROP"
+    "iptables -A FORWARD -i enp1s0.102 -o enp1s0.202 -j ACCEPT"
+    "iptables -A FORWARD -o enp1s0.202 -j DROP"
+  ];
+
   # Routing tables
   # Table: 10000
   # - primary routes