diff --git a/config/nftables.conf b/config/nftables.conf
index e69de29..7e54e4e 100644
--- a/config/nftables.conf
+++ b/config/nftables.conf
@@ -0,0 +1,24 @@
+
+#!/usr/sbin/nft -f
+
+flush ruleset
+
+table inet filter {
+ chain input {
+ type filter hook input priority 0;
+ }
+ chain forward {
+ type filter hook forward priority 0;
+ }
+ chain output {
+ type filter hook output priority 0;
+ }
+}
+
+table ip nat {
+ chain postrouting {
+ type nat hook postrouting priority 0; policy accept;
+ oifname "lokitun0" ip saddr 10.3.141.0/24 counter masquerade
+ counter masquerade
+ }
+}
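Review bot: The second rule in `postrouting`, the bare `counter masquerade`, matches every packet the scoped rule above it did not, so traffic from any source leaving any interface is source-NATed, not only 10.3.141.0/24 going out `lokitun0`. If the intent is to NAT only the client subnet into the tunnel (inferred from the first rule), that line should be dropped. The three filter chains declare no policy and hold no rules, and nftables base chains default to accept, so after `flush ruleset` the host accepts all input and forwards between all interfaces. For forwarding, something like `type filter hook forward priority 0; policy drop;` with `ct state established,related accept` and `ip saddr 10.3.141.0/24 oifname "lokitun0" accept` would keep client traffic from leaving by another uplink when the tunnel is down. A one-line comment above each chain stating its intended policy would also help the next reader.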