diff --git a/machines/shinobu/services/router.nix b/machines/shinobu/services/router.nix index 8da8d35..784563c 100644 --- a/machines/shinobu/services/router.nix +++ b/machines/shinobu/services/router.nix @@ -73,6 +73,7 @@ in iifname wg-upstream tcp flags syn / syn,rst tcp option maxseg size set rt mtu oifname wg-upstream tcp flags syn / syn,rst tcp option maxseg size set rt mtu + # allow traffic between lan and wan iifname $NAT_LAN_IFACES oifname $NAT_WAN_IFACES counter accept iifname $NAT_WAN_IFACES oifname $NAT_LAN_IFACES ct state established,related counter accept @@ -90,10 +91,6 @@ in } table inet nat { - chain prerouting { - type nat hook prerouting priority filter; policy accept - } - chain postrouting { type nat hook postrouting priority filter; policy accept oifname $MASQUERADE_IFACES masquerade
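Review bot: The added comment `# allow traffic between lan and wan` in the first hunk reads as symmetric, but the two rules beneath it are not. Traffic from `$NAT_LAN_IFACES` to `$NAT_WAN_IFACES` is accepted unconditionally, while the reverse direction is accepted only for `ct state established,related`. That asymmetry is the security-relevant part of the pair, so I would spell it out, for example `# allow lan -> wan; allow wan -> lan only for established/related (reply) traffic`. The enclosing chain and its default policy start outside the hunk, so what happens to unmatched WAN-to-LAN packets is not visible here and is worth confirming against the chain header.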