diff --git a/domain-proxies-module.nix b/domain-proxies-module.nix
index 9ecc85a..0c44728 100644
--- a/domain-proxies-module.nix
+++ b/domain-proxies-module.nix
@@ -25,6 +25,10 @@ let
         ip = mkOption { type = types.str; };
         host = mkOption { type = types.str; };
         vms = mkOption { type = types.attrsOf (types.submodule vm-module); };
+        port-forward = mkOption {
+          type = types.listOf types.ints.unsigned;
+          default = [ ];
+        };
 
         domain-list = mkOption {
           type = types.listOf types.str;
@@ -49,9 +53,9 @@ let
             vm.aliases
           ]) config.vms
         );
-        ports = flatten (
-          mapAttrsToList (_: vm: vm.port-forward ++ optional (!isNull vm.ssh) vm.ssh) config.vms
-        );
+        ports =
+          config.port-forward
+          ++ flatten (mapAttrsToList (_: vm: vm.port-forward ++ optional (!isNull vm.ssh) vm.ssh) config.vms);
         redirects = {
           stream = flatten (
             mapAttrsToList (
@@ -219,6 +223,7 @@ in
           ''
             server {
               listen ${toString input};
+              listen [::]:${toString input};
               proxy_pass ${ip}:${toString out};
             }
           ''
diff --git a/domain-proxies.nix b/domain-proxies.nix
index a7f3178..0849657 100644
--- a/domain-proxies.nix
+++ b/domain-proxies.nix
@@ -5,6 +5,7 @@
       hypervisors."manah.katvayor.net" = {
         host = "kat-manah";
         ip = "100.102.49.84";
+        port-forward = [ 9000 9500 ];
         vms = {
           "degette.katvayor.net" = {
             ssh = 22000;
diff --git a/hive.nix b/hive.nix
index b8ade34..15dcd85 100644
--- a/hive.nix
+++ b/hive.nix
@@ -42,7 +42,10 @@ in
       };
       config = {
         boot.tmp.useTmpfs = true;
-        networking.hostName = name;
+        networking = {
+          nftables.enable = true;
+          hostName = name;
+        };
         nix = {
           nixPath = [
             "nixpkgs=${builtins.storePath pkgs.path}"
diff --git a/machines/kat-manah/default.nix b/machines/kat-manah/default.nix
index 080e595..f7db8d6 100644
--- a/machines/kat-manah/default.nix
+++ b/machines/kat-manah/default.nix
@@ -67,8 +67,13 @@
     '';
   };
 
+  services.weechat = {
+    enable = true;
+    binary = "${pkgs.weechat}/bin/weechat-headless";
+  };
+
   networking.firewall = {
-    allowedTCPPorts = [ 22 ];
+    allowedTCPPorts = [ 9000 9500 53 ];
     allowedUDPPorts = [ 67 ];
   };
   system.stateVersion = "23.11";
diff --git a/modules/desktop/sway.nix b/modules/desktop/sway.nix
index fdedf3e..9793cb2 100644
--- a/modules/desktop/sway.nix
+++ b/modules/desktop/sway.nix
@@ -86,13 +86,6 @@
           let
             menuCmd = "${pkgs.wofi}/bin/wofi --show drun -i | xargs swaymsg exec --";
             exitMd = ''Exit Mode:| (l)Log out | (r)Reboot | (p)Poweroff'';
-            weechatCmd = pkgs.writeShellScript "weechat.sh" ''
-              nix-shell -p python3 python311Packages.dbus-python python311Packages.notify2 --run 'python ${./weenotify.py} -s' > /dev/null &
-              while true; do
-                ssh -R 5431:localhost:5431 weecat@watcher.kat -t screen -xaA -S weechat
-                sleep 1
-              done
-            '';
           in
           rec {
             window.border = 1;
@@ -112,9 +105,9 @@
               { command = "signal-desktop --"; }
               # { command = "${lib.getExe pkgs.element-desktop}"; }
               { command = ''sh -c "sleep 2 && exec keepassxc"''; }
-              # {
-              #   command = "alacritty --class weechat --title weechat --command ${pkgs.bash}/bin/bash -c ${weechatCmd}";
-              # }
+              {
+                command = "alacritty --class weechat --title weechat --command ${pkgs.weechat}/bin/weechat";
+              }
             ];
             assigns = {
               "1" = [ { app_id = "firefox"; } ];