diff --git a/sio2/SISR/05-pxe/nftables.conf b/sio2/SISR/05-pxe/nftables.conf
new file mode 100755
index 0000000..c6b4df5
--- /dev/null
+++ b/sio2/SISR/05-pxe/nftables.conf
@@ -0,0 +1,25 @@
+#!/usr/sbin/nft -f
+
+flush ruleset
+
+table inet filter {
+	chain input {
+		type filter hook input priority filter;
+	}
+	chain forward {
+		type filter hook forward priority filter;
+	}
+	chain output {
+		type filter hook output priority filter;
+	}
+}
+
+table inet nat {
+	chain prerouting {
+		type nat hook prerouting priority 0;
+	}
+	chain postrouting {
+		type nat hook postrouting priority 100;
+		oifname "enp0s3" masquerade
+	}
+}