diff --git a/nixos/hosts/osaka-vultr-01/xinetd.nix b/nixos/hosts/osaka-vultr-01/xinetd.nix
index 45f6b520..61acd9a9 100644
--- a/nixos/hosts/osaka-vultr-01/xinetd.nix
+++ b/nixos/hosts/osaka-vultr-01/xinetd.nix
@@ -20,8 +20,10 @@
     5347  # Jitsi
     5280  # Jitsi
   ];
-  networking.firewall.extraCommands = ''${pkgs.iptables}/bin/iptables -t nat -A PREROUTING -p udp --dport 10000 -j DNAT --to-destination 10.100.0.2:10000'';
-  networking.firewall.extraStopCommands = ''${pkgs.iptables}/bin/iptables -t nat -D PREROUTING -p udp --dport 10000 -j DNAT --to-destination 10.100.0.2:10000'';
+  networking.firewall.extraCommands     = ''
+    ${pkgs.iptables}/bin/iptables -t nat -A PREROUTING -p udp --dport 10000 -j DNAT --to-destination 10.100.0.2:10000
+    ${pkgs.iptables}/bin/iptables -A FORWARD -p udp -d 10.100.0.2 --dport 10000 -j ACCEPT  
+  '';
 
   services.xinetd = {
     enable = true;