diff --git a/ansible/roles/firewall/files/homeserver_pf.conf b/ansible/roles/firewall/files/homeserver_pf.conf
index 83ffeed..a374e05 100644
--- a/ansible/roles/firewall/files/homeserver_pf.conf
+++ b/ansible/roles/firewall/files/homeserver_pf.conf
@@ -3,7 +3,7 @@ jail_net_v4 = "10.193.223.0/24"
 full_nat_v4 = "10.213.177.0/24"
 dhcp = "{ bootpc, bootps }"
-# allow = "{ }"
+allow = "{ wgh wgf }"
 tcp_pass_in = "{ 22 }"
 udp_pass_in = "{ 53 51820 }"
@@ -32,7 +32,7 @@ pass out on $ext_if
 # `service pf reload` but interfaces that we `skip` will not update (I
 # forget if its from adding, removing, or both. TODO: test to figure
 # it out)
-# pass quick on $allow
+pass quick on $allow
 pass on $ext_if proto icmp all
 pass on $ext_if proto icmp6 all
diff --git a/ansible/roles/firewall/files/odofreebsd_pf.conf b/ansible/roles/firewall/files/odofreebsd_pf.conf
index f82f37e..16c77e8 100644
--- a/ansible/roles/firewall/files/odofreebsd_pf.conf
+++ b/ansible/roles/firewall/files/odofreebsd_pf.conf
@@ -3,7 +3,7 @@ jail_net_v4 = "10.193.223.0/24"
 full_nat_v4 = "10.213.177.0/24"
 dhcp = "{ bootpc, bootps }"
-# allow = "{ host_uplink0 }"
+allow = "{ wgf wgh }"
 tcp_pass_in = "{ 22 }"
 udp_pass_in = "{ 53 51820 }"
@@ -30,7 +30,7 @@ pass out on $ext_if
 # `service pf reload` but interfaces that we `skip` will not update (I
 # forget if its from adding, removing, or both. TODO: test to figure
 # it out)
-# pass quick on $allow
+pass quick on $allow
 pass on $ext_if proto icmp all
 pass on $ext_if proto icmp6 all
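Review bot: The `allow` macro in the first hunk of homeserver_pf.conf now lists `wgh` and `wgf` without saying what they are or that all traffic on them bypasses filtering. A comment on the line above, such as `# interfaces passed unfiltered by "pass quick on $allow" below`, would make that trust decision visible. From the `wg` prefix and UDP 51820 in `udp_pass_in` these look like WireGuard tunnels, which the comment could confirm. The same macro in odofreebsd_pf.conf lists the interfaces in the opposite order (`{ wgf wgh }`); using one order in both files keeps them easy to compare.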
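Review bot: In the second hunk of homeserver_pf.conf, and in the matching hunk of odofreebsd_pf.conf, `pass quick on $allow` has no direction, source or port, so every packet on `wgh` and `wgf` is accepted and `quick` stops evaluation before any later rule can narrow it. If these are tunnel interfaces, every peer gets unfiltered access to this host, and possibly to the jail and NAT networks if the host forwards between them; the `tcp_pass_in`/`udp_pass_in` lists presumably never apply to that traffic. Consider scoping the rule, for example `pass in quick on $allow inet from $tunnel_net_v4 to any` plus `pass out quick on $allow`, where `tunnel_net_v4` is a placeholder name for a new macro holding the tunnel prefix. Otherwise, state in the comment above the rule that full trust of tunnel peers is intended. That comment block starts outside the hunk.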