diff --git a/bundlewrap/bundles/nftables/files/nftables.conf b/bundlewrap/bundles/nftables/files/nftables.conf
index 96635805..a2f5c053 100644
--- a/bundlewrap/bundles/nftables/files/nftables.conf
+++ b/bundlewrap/bundles/nftables/files/nftables.conf
@@ -16,9 +16,8 @@ table inet filter {
 
         icmp type timestamp-request drop
         icmp type timestamp-reply drop
-        ip protocol icmp accept
+        meta l4proto {icmp, ipv6-icmp} accept
 
-        ip6 nexthdr ipv6-icmp accept
 % for ruleset, rules in sorted(input.items()):
 
         # ${ruleset}