diff --git a/modules/firewall/default.nix b/modules/firewall/default.nix
index b1196d6..fa4d99c 100644
--- a/modules/firewall/default.nix
+++ b/modules/firewall/default.nix
@@ -73,13 +73,17 @@ in
               };
           in svc.build args' ;
       };
-
+    programs.busybox.applets = [
+      "insmod" "rmmod"
+    ];
     kernel.config = {
       NETFILTER = "y";
       NETFILTER_ADVANCED = "y";
       NETFILTER_NETLINK = "m";
       NF_CONNTRACK = "m";
 
+      NETLINK_DIAG = "y";
+
       IP6_NF_IPTABLES=  "m";
       IP_NF_IPTABLES = "m";
       IP_NF_NAT = "m";