diff --git a/roles/nftables/templates/nftables.conf.j2 b/roles/nftables/templates/nftables.conf.j2
index 692a6e2..164d1d4 100644
--- a/roles/nftables/templates/nftables.conf.j2
+++ b/roles/nftables/templates/nftables.conf.j2
@@ -19,7 +19,7 @@ table ip filter {
 {% endif %}
 {% endfor %}
 {% else %}
- ip {{ rule.proto }} dport {{ rule.port }} accept
+ {{ rule.proto }} dport {{ rule.port }} accept
 {% endif %}
 {% endfor %}
 reject with icmp type host-prohibited
@@ -42,11 +42,11 @@ table ip6 filter {
 {% set from = lookup('dig', from) %}
 {% endif %}
 {% if from | ipv6 %}
- ip saddr {{ from }} {{ rule.proto }} dport {{ rule.port }} accept
+ ip6 saddr {{ from }} {{ rule.proto }} dport {{ rule.port }} accept
 {% endif %}
 {% endfor %}
 {% else %}
- ip {{ rule.proto }} dport {{ rule.port }} accept
+ {{ rule.proto }} dport {{ rule.port }} accept
 {% endif %}
 {% endfor %}
 reject with icmpv6 type admin-prohibited
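Review bot: `rule.proto` and `rule.port` are rendered verbatim into the `accept` rule of this `{% else %}` branch, which has no source restriction, and the same applies to all the changed lines in the `table ip6 filter` hunk. A typo or an unexpected value in inventory therefore ends up in the ruleset instead of failing the play. If the task that renders this template does not already check the result, adding `validate: nft -c -f %s` to it would reject a file that nft cannot parse before it replaces the live configuration. A one-line template comment on this branch, such as `{# no source restriction: port is open to any address #}`, would also make the exposure obvious to the next reader. The enclosing `{% if %}` and `{% for %}` start outside the hunk, so the exact condition for reaching this branch is not visible here.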
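Review bot: The `{% set from = lookup('dig', from) %}` line above the corrected `ip6 saddr` rule does not ask for AAAA records, and the dig lookup returns A records by default. A hostname source would then most likely fail the `from | ipv6` test and be left out of `table ip6 filter` without any error. If hostnames are meant to work for IPv6, the lookup would be `lookup('dig', from, qtype='AAAA')`; a name with several records may also need splitting before the `ipv6` test. The condition guarding the lookup and the enclosing `{% for %}` start outside the hunk, so this is inferred from the visible lines only. Since the allowlist entry is fixed from DNS at render time, a comment such as `{# source resolved via DNS when the template is rendered; re-run the role if the record changes #}` would document that dependency.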