diff --git a/roles/proxmox-backup/handlers/main.yml b/roles/proxmox-backup/handlers/main.yml
index 330874b..fd89039 100644
--- a/roles/proxmox-backup/handlers/main.yml
+++ b/roles/proxmox-backup/handlers/main.yml
@@ -10,3 +10,9 @@
   package:
     update_cache: yes
   when: "'handler' not in ansible_skip_tags"
+
+- name: reload nftables
+  service:
+    name: nftables
+    state: reloaded
+  when: "'handler' not in ansible_skip_tags"
diff --git a/roles/proxmox-backup/tasks/firewall.yml b/roles/proxmox-backup/tasks/firewall.yml
new file mode 100644
index 0000000..be12d9b
--- /dev/null
+++ b/roles/proxmox-backup/tasks/firewall.yml
@@ -0,0 +1,16 @@
+- name: Install nftables
+  package:
+    name: nftables
+
+- name: Configure nftables
+  template:
+    dest: /etc/nftables.conf
+    src: nftables.conf.j2
+    mode: 0644
+  notify: reload nftables
+
+- name: Enable nftables
+  service:
+    name: nftables
+    enabled: true
+    state: started
diff --git a/roles/proxmox-backup/tasks/main.yml b/roles/proxmox-backup/tasks/main.yml
index 6fe2b63..81f3a88 100644
--- a/roles/proxmox-backup/tasks/main.yml
+++ b/roles/proxmox-backup/tasks/main.yml
@@ -83,5 +83,4 @@
       notify: reboot
 
 
-
-- meta: flush_handlers
+- include_tasks: firewall.yml