diff --git a/bins/packages/rmb/rmb.sh b/bins/packages/rmb/rmb.sh
index cdd395c57..63c7a6aeb 100644
--- a/bins/packages/rmb/rmb.sh
+++ b/bins/packages/rmb/rmb.sh
@@ -1,5 +1,5 @@
-RMB_VERSION="1.0.6"
-RMB_CHECKSUM="0a864b3bd6b8b8ca762f1024052f73ed"
+RMB_VERSION="1.0.5"
+RMB_CHECKSUM="c6ce07170300c149d4cca6523f4081c4"
 RMB_LINK="https://github.com/threefoldtech/rmb-rs/releases/download/v${RMB_VERSION}/rmb-peer"
 
 download_rmb() {
diff --git a/cmds/modules/networkd/nft.go b/cmds/modules/networkd/nft.go
index db05f9b72..d1dc1175f 100644
--- a/cmds/modules/networkd/nft.go
+++ b/cmds/modules/networkd/nft.go
@@ -12,45 +12,25 @@ func ensureHostFw(ctx context.Context) error {
 	log.Info().Msg("ensuring existing host nft rules")
 	cmd := exec.CommandContext(ctx, "/bin/sh", "-c",
-		`
-nft 'add table inet filter'
-nft 'add table arp filter'
-nft 'add table bridge filter'
-
-# duo to a bug we had we need to make sure those chains are
-# deleted and then recreated later
-nft 'delete chain inet filter input'
-nft 'delete chain inet filter forward'
-nft 'delete chain inet filter output'
-
-nft 'delete chain bridge filter input'
-nft 'delete chain bridge filter forward'
-nft 'delete chain bridge filter output'
-
-nft 'delete chain arp filter input'
-nft 'delete chain arp filter output'
-
-# recreate chains correctly
+		`nft 'add table inet filter'
 nft 'add chain inet filter input { type filter hook input priority filter; policy accept; }'
-nft 'add chain inet filter forward { type filter hook forward priority filter; policy accept; }'
-nft 'add chain inet filter output { type filter hook output priority filter; policy accept; }'
-nft 'add chain inet filter prerouting { type filter hook prerouting priority filter; policy accept; }'
+nft 'add chain inet filter forward { type filter hook input priority filter; policy accept; }'
+nft 'add chain inet filter output { type filter hook input priority filter; policy accept; }'
+nft 'add table arp filter'
 nft 'add chain arp filter input { type filter hook input priority filter; policy accept; }'
-nft 'add chain arp filter output { type filter hook output priority filter; policy accept; }'
+nft 'add chain arp filter output { type filter hook input priority filter; policy accept; }'
+nft 'add table bridge filter'
 nft 'add chain bridge filter input { type filter hook input priority filter; policy accept; }'
-nft 'add chain bridge filter forward { type filter hook forward priority filter; policy accept; }'
+nft 'add chain bridge filter forward { type filter hook input priority filter; policy accept; }'
 nft 'add chain bridge filter prerouting { type filter hook prerouting priority filter; policy accept; }'
 nft 'add chain bridge filter postrouting { type filter hook postrouting priority filter; policy accept; }'
-nft 'add chain bridge filter output { type filter hook output priority filter; policy accept; }'
-
+nft 'add chain bridge filter output { type filter hook input priority filter; policy accept; }'
 nft 'flush chain bridge filter forward'
-nft 'flush chain inet filter forward'
-nft 'flush chain inet filter prerouting'
-
-# drop smtp traffic for hidden nodes
-nft 'add rule inet filter prerouting iifname "b-*" tcp dport {25, 587, 465} reject with icmp type admin-prohibited'
+# nft 'add rule bridge filter forward icmpv6 type nd-router-advert drop'
+# nft 'add rule bridge filter forward ip6 version 6 udp sport 547 drop'
+# nft 'add rule bridge filter forward ip version 4 udp sport 67 drop'
 `)
 	if err := cmd.Run(); err != nil {