diff --git a/.config/nftables.conf b/.config/nftables.conf
index a4a8073..68f04c3 100755
--- a/.config/nftables.conf
+++ b/.config/nftables.conf
@@ -3,13 +3,15 @@
 flush ruleset
 table inet filter {
- chain input {
- type filter hook input priority filter; policy drop;
- # accept any localhost traffic
- iif lo accept
- # accept traffic originated from us
- ct state established,related accept
- # accept neighbour discovery otherwise connectivity breaks
- icmpv6 type { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert } accept
- }
+ chain input {
+ type filter hook input priority filter; policy drop;
+
+ iif lo accept comment "Accept localhost traffic"
+ ct state invalid drop comment "Drop invalid connections"
+ ct state established,related accept comment "Accept established and related connections"
+ meta l4proto { icmp, ipv6-icmp } accept comment "Accept ICMP/ICMPv6 traffic"
+ ip protocol igmp accept comment "Accept IGMP traffic"
+
+ udp dport mdns accept comment "Accept mDNS"
+ }
 }
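Review bot: `meta l4proto { icmp, ipv6-icmp } accept` replaces the old neighbour-discovery-only rule with an accept of every ICMP and ICMPv6 type — including `redirect`/`nd-redirect`, timestamp and address-mask requests — so the chain's exposure grows from three ND types to the whole protocol and the rule comment does not say why. Whether redirects are acted on is a sysctl matter, but the firewall no longer filters them at all, which weakens what `policy drop` buys. A narrower type set still fixes what the widening evidently needed (the old rule lacked `packet-too-big` and `destination-unreachable`, which breaks path-MTU discovery) without opening the rest. The same applies to `udp dport mdns accept`: it matches unicast traffic to port 5353 on every interface, not just the multicast groups mDNS uses, so pinning the destination address to 224.0.0.251 / ff02::fb limits the rule to the discovery traffic the comment describes. The igmp line is fine as is and is kept only to place the change.
```nftables
        # … unchanged: type filter hook, lo, ct state rules …
        icmp type { destination-unreachable, time-exceeded, parameter-problem, echo-request } accept comment "Accept needed ICMP types"
        icmpv6 type { destination-unreachable, packet-too-big, time-exceeded, parameter-problem, echo-request, nd-router-advert, nd-neighbor-solicit, nd-neighbor-advert, mld-listener-query } accept comment "Accept needed ICMPv6 types (no redirects)"
        ip protocol igmp accept comment "Accept IGMP traffic"
        ip daddr 224.0.0.251 udp dport mdns accept comment "Accept mDNS (IPv4 multicast group only)"
        ip6 daddr ff02::fb udp dport mdns accept comment "Accept mDNS (IPv6 multicast group only)"
```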