diff --git a/modules/base.nix b/modules/base.nix
index 8e4c0ca..96f5eb8 100644
--- a/modules/base.nix
+++ b/modules/base.nix
@@ -119,13 +119,10 @@
 
   nix.settings.auto-optimise-store = true;
 
-  # Firewall
-  #
-  # Open ports in the firewall.
-  #networking.firewall.allowedTCPPorts = [ ... ];
-  #networking.firewall.allowedUDPPorts = [ ... ];
-  # Or disable the firewall altogether.
-  #networking.firewall.enable = false;
+  # Firewall.
+  # https://nixos.wiki/wiki/Firewall
+  # -> Firewall rules may be overwritten by docker, as per https://github.com/NixOS/nixpkgs/issues/111852
+  networking.firewall.enable = true;
 
   # This value determines the NixOS release from which the default
   # settings for stateful data, like file locations and database versions