diff --git a/roles/ansible_nftables/templates/firewall.nft.j2 b/roles/ansible_nftables/templates/firewall.nft.j2
index 4617786..d50a181 100644
--- a/roles/ansible_nftables/templates/firewall.nft.j2
+++ b/roles/ansible_nftables/templates/firewall.nft.j2
@@ -28,7 +28,7 @@ table inet filter {
 ct state invalid drop comment "Drop invalid connections"
 ct state established,related accept comment "Accept traffic originated from us"
- ip6 nexthdr icmpv6 icmpv6 type { echo-request, destination-unreachable, packet-too-big, time-exceeded, parameter-problem, mld-listener-query, mld-listener-report, mld-listener-reduction, nd-router-solicit, nd-router-advert, nd-neighbor-solicit, nd-neighbor-advert, ind-neighbor-solicit, ind-neighbor-advert, mld2-listener-report } accept comment "Accept ICMPv6"
+ icmpv6 type { destination-unreachable, packet-too-big, time-exceeded, parameter-problem, echo-request, mld-listener-query, mld-listener-report, mld-listener-done, nd-router-solicit, nd-router-advert, nd-neighbor-solicit, nd-neighbor-advert, ind-neighbor-solicit, ind-neighbor-advert, mld2-listener-report } accept comment "Accept ICMPv6"
 ip protocol icmp icmp type { echo-request, destination-unreachable, router-solicitation, router-advertisement, time-exceeded, parameter-problem } accept comment "Accept ICMP"
 ip protocol igmp accept comment "Accept IGMP"
 # anti ansible lockout rules
diff --git a/roles/ansible_nftables/templates/server.nft.j2 b/roles/ansible_nftables/templates/server.nft.j2
index b5a5db1..601d8a1 100644
--- a/roles/ansible_nftables/templates/server.nft.j2
+++ b/roles/ansible_nftables/templates/server.nft.j2
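Review bot: The new `icmpv6 type { ... } accept` line admits every Neighbor Discovery type (`nd-router-solicit`, `nd-router-advert`, `nd-neighbor-solicit`, `nd-neighbor-advert` and the `ind-*` pair) from any source, so a rogue Router Advertisement or a spoofed Neighbor Advertisement arriving from off-link is not filtered here. RFC 4861 requires ND messages to carry hop limit 255, which a forwarded packet cannot have, so the cheap hardening is to move those six types into their own rule gated on the hop limit: `icmpv6 type { nd-router-solicit, nd-router-advert, nd-neighbor-solicit, nd-neighbor-advert, ind-neighbor-solicit, ind-neighbor-advert } ip6 hlim 255 accept comment "Accept ICMPv6 ND (on-link only)"`, leaving the error, echo and MLD types in the existing set. Dropping the `ip6 nexthdr icmpv6` prefix itself looks right, since `icmpv6 type` matches the transport header behind any extension headers and MLD messages carry a Hop-by-Hop header, so this note is only about what the set admits. The enclosing chain starts and ends outside the hunk.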
@@ -12,7 +12,7 @@ table inet filter {
 ct state invalid drop comment "Drop invalid connections"
 ct state established,related accept comment "Accept traffic originated from us"
- ip6 nexthdr icmpv6 icmpv6 type { echo-request, destination-unreachable, packet-too-big, time-exceeded, parameter-problem, mld-listener-query, mld-listener-report, mld-listener-reduction, nd-router-solicit, nd-router-advert, nd-neighbor-solicit, nd-neighbor-advert, ind-neighbor-solicit, ind-neighbor-advert, mld2-listener-report } accept comment "Accept ICMPv6"
+ icmpv6 type { destination-unreachable, packet-too-big, time-exceeded, parameter-problem, echo-request, mld-listener-query, mld-listener-report, mld-listener-done, nd-router-solicit, nd-router-advert, nd-neighbor-solicit, nd-neighbor-advert, ind-neighbor-solicit, ind-neighbor-advert, mld2-listener-report } accept comment "Accept ICMPv6"
 ip protocol icmp icmp type { echo-request, destination-unreachable, router-solicitation, router-advertisement, time-exceeded, parameter-problem } accept comment "Accept ICMP"
 ip protocol igmp accept comment "Accept IGMP"
 # individual rules
diff --git a/roles/ansible_nftables/templates/workstation.nft.j2 b/roles/ansible_nftables/templates/workstation.nft.j2
index 922b991..7d70565 100644
--- a/roles/ansible_nftables/templates/workstation.nft.j2
+++ b/roles/ansible_nftables/templates/workstation.nft.j2
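Review bot: The MLD types in the new set (`mld-listener-query`, `mld-listener-report`, `mld-listener-done`, `mld2-listener-report`) are accepted regardless of hop limit, although MLD is a link-local protocol whose messages are sent with hop limit 1 (RFC 2710 §3, RFC 3810 §5), so a routed, spoofed MLD query from off-link passes this rule. Pinning those four types to the hop limit, `icmpv6 type { mld-listener-query, mld-listener-report, mld-listener-done, mld2-listener-report } ip6 hlim 1 accept comment "Accept MLD (on-link only)"`, and likewise the `nd-*`/`ind-*` types to `ip6 hlim 255`, costs nothing on a host and is what RFC 4890 recommends. `mld-listener-done` appears to be the current nft name for type 132 with `mld-listener-reduction` kept as an alias; if the role is expected to run against older nftables releases, confirm the keyword parses there (a `nft -c -f` check task would catch it), since a ruleset that fails to parse is simply not loaded. The enclosing chain starts and ends outside the hunk.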
@@ -12,7 +12,7 @@ table inet filter {
 ct state invalid drop comment "Drop invalid connections"
 ct state established,related accept comment "Accept traffic originated from us"
- ip6 nexthdr icmpv6 icmpv6 type { destination-unreachable, packet-too-big, time-exceeded, parameter-problem, mld-listener-query, mld-listener-report, mld-listener-reduction, nd-router-solicit, nd-router-advert, nd-neighbor-solicit, nd-neighbor-advert, ind-neighbor-solicit, ind-neighbor-advert, mld2-listener-report } accept comment "Accept ICMPv6"
+ icmpv6 type { destination-unreachable, packet-too-big, time-exceeded, parameter-problem, echo-request, mld-listener-query, mld-listener-report, mld-listener-done, nd-router-solicit, nd-router-advert, nd-neighbor-solicit, nd-neighbor-advert, ind-neighbor-solicit, ind-neighbor-advert, mld2-listener-report } accept comment "Accept ICMPv6"
 ip protocol icmp icmp type { destination-unreachable, router-solicitation, router-advertisement, time-exceeded, parameter-problem } accept comment "Accept ICMP"
 ip protocol igmp accept comment "Accept IGMP"
 udp dport mdns ip6 daddr ff02::fb accept comment "Accept mDNS"
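Review bot: `echo-request` is newly added to the workstation's ICMPv6 accept set on the `+` line, while the removed line did not have it and the ICMPv4 rule right below still omits `echo-request`, so after this change the workstation answers ping over IPv6 but not over IPv4; the other two templates accept echo on both families. If this commit is only meant to fix the `ip6 nexthdr` match and rename `mld-listener-reduction`, drop `echo-request` here to keep the workstation's existing no-ping posture; if replying to ping is now wanted, add `echo-request` to the `ip protocol icmp icmp type { ... }` set as well so the two families agree, optionally behind `limit rate 10/second`. Either way this is an exposure change and deserves a line in the commit message. The enclosing chain starts and ends outside the hunk.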