diff --git a/states/nftables/defaults.yaml b/states/nftables/defaults.yaml
index 4fb5030..d8fc96f 100644
--- a/states/nftables/defaults.yaml
+++ b/states/nftables/defaults.yaml
@@ -2,4 +2,5 @@ nftables:
   enabled: true
   config_dir: /etc/nftables
+  log: false
   networks: {}
diff --git a/states/nftables/templates/rules.nft.j2 b/states/nftables/templates/rules.nft.j2
index b339972..9fb72a3 100644
--- a/states/nftables/templates/rules.nft.j2
+++ b/states/nftables/templates/rules.nft.j2
@@ -19,7 +19,10 @@ add rule ip filter INPUT ip saddr {{ value.ip }}/{{ value.mask }} ct state estab
 {%- for key, value in net.public_ports.items() %}
 add rule ip filter INPUT {{ value.proto }} dport {{ value.port }} ct state established,new counter accept
 {%- endfor %}
-#add rule ip filter INPUT counter log
+{%- if nftables.log %}
+add rule ip filter INPUT counter log
+{%- endif %}
+
 ## IPv4 NAT
 add table ip nat
@@ -28,12 +31,18 @@ add chain ip nat INPUT { type nat hook input priority 1; policy accept; }
 add chain ip nat OUTPUT { type nat hook output priority -100; policy accept; }
 add chain ip nat POSTROUTING { type nat hook postrouting priority srcnat; policy accept; }
 add chain ip nat DOCKER
+
+### Main NAT rules
 {%- for key, value in net.nats.items() %}
 add rule ip nat POSTROUTING ip saddr {{ value.ip }}/{{ value.mask }} counter masquerade
 {%- endfor %}
+
+### Docker related rules
 add rule ip nat POSTROUTING oifname != "docker0" ip saddr 172.17.0.0/24 counter masquerade
 add rule ip nat PREROUTING fib daddr type local counter jump DOCKER
 add rule ip nat OUTPUT ip daddr != 127.0.0.0/8 fib daddr type local counter jump DOCKER
+add rule ip nat POSTROUTING iifname br-* counter masquerade
+add rule ip nat POSTROUTING iifname veth-* counter masquerade
 add rule ip nat DOCKER iifname "docker0" counter return
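Review bot: The log rule now gated by `nftables.log` has neither a rate limit nor a prefix, so once the flag is set every packet that reaches the end of `INPUT` is written to the kernel log, which on an exposed host can fill the ring buffer and the journal quickly and drown the entries you actually want. Suggest `add rule ip filter INPUT limit rate 10/minute burst 20 packets counter log prefix "nft-input: "` so the output is throttled and greppable. Whether this rule only sees traffic that the earlier accept rules did not match depends on the `INPUT` chain's policy, which is declared outside this hunk.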
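Review bot: The two new masquerade rules, `iifname br-*` and `iifname veth-*`, are far broader than the `docker0` rule three lines above them: they carry no `oifname` or `ip saddr` restriction, so any forwarded packet that entered on a matching interface is source-NATed to the host address wherever it is headed, which would presumably also rewrite traffic routed between two bridge networks and hide the real container source from the other side. The wildcard names are also unquoted while the existing rules quote `"docker0"`; as far as I know nft only accepts wildcard interface names as quoted strings, so these lines may fail to load as written. Mirror the existing rule's shape by quoting the pattern and narrowing it with an `oifname` match on the uplink or an `ip saddr` match on the bridge subnet, and check `veth-*` against the actual host-side veth names, which conventionally have no hyphen. The hunk header announces 18 new lines but only 16 are visible, so its tail appears to have been lost in rendering.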
@@ -52,10 +61,8 @@ add rule ip6 filter6 INPUT ip6 saddr {{ value.ip }}/{{ value.mask }} ct state es
 {%- for key, value in net.public_ports.items() %}
 add rule ip6 filter6 INPUT {{ value.proto }} dport {{ value.port }} ct state established,new counter accept
 {%- endfor %}
-#add rule ip6 filter6 INPUT counter log
-
-#add table ip blparser
-#add chain ip blparser INPUT { type filter hook input priority 0; policy accept; }
+{%- if nftables.log %}
+add rule ip6 filter6 INPUT counter log
+{%- endif %}
 ## Endline is mandatory
-
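Review bot: The IPv6 log rule has the same unthrottled, unprefixed form as its IPv4 counterpart, and because both are switched by the single `nftables.log` flag their entries will be indistinguishable in the kernel log. Give it a limit and a distinct prefix, e.g. `add rule ip6 filter6 INPUT limit rate 10/minute burst 20 packets counter log prefix "nft6-input: "`. The `filter6 INPUT` chain definition and its policy are outside this hunk, so whether the rule only sees unaccepted traffic cannot be confirmed here.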