diff --git a/extras/apparmor/usr.sbin.fwknopd b/extras/apparmor/usr.sbin.fwknopd
index 73f4aff6..e7caa779 100644
--- a/extras/apparmor/usr.sbin.fwknopd
+++ b/extras/apparmor/usr.sbin.fwknopd
@@ -11,6 +11,8 @@
   capability net_raw,
 
   network inet raw,
+  network inet dgram,
+  network inet6 dgram,
   network packet raw,
   network packet dgram,
 
@@ -24,6 +26,7 @@
   /root/.gnupg/* rwkl,
   /run/fwknop/ rw,
   /run/fwknop/* rwk,
+  /run/xtables.lock rwk,
   /sbin/xtables-multi rix,
   /usr/bin/gpg rix,
   /usr/sbin/fwknopd mr,