diff --git a/main/nnd-s6-services/APKBUILD b/main/nnd-s6-services/APKBUILD
index a95ac0e..ed92638 100644
--- a/main/nnd-s6-services/APKBUILD
+++ b/main/nnd-s6-services/APKBUILD
@@ -1,7 +1,7 @@
 # Contributor: Alex Denes <caskd@redxen.eu>
 # Maintainer: Alex Denes <caskd@redxen.eu>
 pkgname=nnd-s6-services
-pkgver=0.32
+pkgver=0.33
 pkgrel=0
 pkgdesc="Base services for s6"
 url="none"
diff --git a/main/nnd-s6-services/rc/net/nftables/down b/main/nnd-s6-services/rc/net/nftables/down
new file mode 100644
index 0000000..043907b
--- /dev/null
+++ b/main/nnd-s6-services/rc/net/nftables/down
@@ -0,0 +1,11 @@
+#!/bin/execlineb -P
+s6-envdir -i /etc/s6/env/core/path
+importas -i PATH PATH
+emptyenv
+
+export PATH $PATH
+
+fdclose 1
+fdclose 2
+
+exec nft flush ruleset
diff --git a/main/nnd-s6-services/rc/net/nftables/type b/main/nnd-s6-services/rc/net/nftables/type
new file mode 100644
index 0000000..bdd22a1
--- /dev/null
+++ b/main/nnd-s6-services/rc/net/nftables/type
@@ -0,0 +1 @@
+oneshot
diff --git a/main/nnd-s6-services/rc/net/nftables/up b/main/nnd-s6-services/rc/net/nftables/up
new file mode 100644
index 0000000..a4500e9
--- /dev/null
+++ b/main/nnd-s6-services/rc/net/nftables/up
@@ -0,0 +1,12 @@
+#!/bin/execlineb -P
+s6-envdir -i /etc/s6/env/core/path
+importas -i PATH PATH
+emptyenv
+
+export PATH $PATH
+define RULESET /etc/nftables/core.nft
+
+fdclose 1
+fdclose 2
+
+exec nft -f ${RULESET}