diff --git a/flake.lock b/flake.lock
index ed85b41..901a5ee 100644
--- a/flake.lock
+++ b/flake.lock
@@ -76,11 +76,11 @@
 },
 "nixpkgs": {
 "locked": {
- "lastModified": 1733730953,
- "narHash": "sha256-dlK7n82FEyZlHH7BFHQAM5tua+lQO1Iv7aAtglc1O5s=",
+ "lastModified": 1729973466,
+ "narHash": "sha256-knnVBGfTCZlQgxY1SgH0vn2OyehH9ykfF8geZgS95bk=",
 "owner": "NixOS",
 "repo": "nixpkgs",
- "rev": "7109b680d161993918b0a126f38bc39763e5a709",
+ "rev": "cd3e8833d70618c4eea8df06f95b364b016d4950",
 "type": "github"
 },
 "original": {
@@ -107,11 +107,11 @@
 },
 "nixpkgs-unstable": {
 "locked": {
- "lastModified": 1733759999,
- "narHash": "sha256-463SNPWmz46iLzJKRzO3Q2b0Aurff3U1n0nYItxq7jU=",
+ "lastModified": 1729880355,
+ "narHash": "sha256-RP+OQ6koQQLX5nw0NmcDrzvGL8HDLnyXt/jHhL1jwjM=",
 "owner": "NixOS",
 "repo": "nixpkgs",
- "rev": "a73246e2eef4c6ed172979932bc80e1404ba2d56",
+ "rev": "18536bf04cd71abd345f9579158841376fdd0c5a",
 "type": "github"
 },
 "original": {
diff --git a/flake.nix b/flake.nix
index bbed851..ba4b897 100644
--- a/flake.nix
+++ b/flake.nix
@@ -59,12 +59,6 @@
 inputs = inputs;
 pkgs-unstable = import nixpkgs-unstable {
 inherit system;
- config.permittedInsecurePackages = [
- "aspnetcore-runtime-6.0.36"
- "aspnetcore-runtime-wrapped-6.0.36"
- "dotnet-sdk-6.0.428"
- "dotnet-sdk-wrapped-6.0.428"
- ];
 };
 pkgs-4a3fc4cf7 = import nixpkgs-4a3fc4cf7 {
 inherit system;
diff --git a/systems/LoutreOS/network.nix b/systems/LoutreOS/network.nix
index 7c8b54b..4c51361 100644
--- a/systems/LoutreOS/network.nix
+++ b/systems/LoutreOS/network.nix
@@ -88,14 +88,9 @@ ip46tables -w -t mangle -X loutreos-mangle-pre 2>/dev/null || true ip46tables -w -t mangle -N loutreos-mangle-pre - # Restore the packet's CONNMARK to the MARK for existing incoming connections + # Restore the packet's CONNMARK to the MARK for existing connections ip46tables -w -t mangle -A loutreos-mangle-pre -j CONNMARK --restore-mark - # Restore CONNMARK to MARK for outgoing packets before final routing decision - ip46tables -w -t mangle -D OUTPUT -j CONNMARK --restore-mark 2>/dev/null || true - ip46tables -w -t mangle -A OUTPUT -j CONNMARK --restore-mark - - # If packet MARK is set, then it means that there is already a connection mark ip46tables -w -t mangle -A loutreos-mangle-pre -m mark ! --mark 0 -j ACCEPT @@ -105,11 +100,8 @@ ip46tables -w -t mangle -A loutreos-mangle-pre -i enp0s21u1 -j MARK --set-mark 2 ip46tables -w -t mangle -A loutreos-mangle-pre -i wg0 -j MARK --set-mark 3 - # Save new mark in CONNMARK - ip46tables -w -t mangle -A loutreos-mangle-pre -j CONNMARK --save-mark - # Jump to newly created target - ip46tables -w -t mangle -I PREROUTING 1 -j loutreos-mangle-pre + ip46tables -w -t mangle -A PREROUTING -j loutreos-mangle-pre # Save MARK to CONNMARK. ip46tables -w -t mangle -D POSTROUTING -j CONNMARK --save-mark 2>/dev/null || true
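Review bot: With the OUTPUT `CONNMARK --restore-mark` pair removed in this hunk and the `CONNMARK --save-mark` inside `loutreos-mangle-pre` removed in the next one (-105,11), the only save left in view is the POSTROUTING rule, which packets delivered to this host never traverse. A connection that arrives on `enp0s21u1` or `wg0` and terminates locally would therefore keep a zero connmark, and its replies would reach the routing decision without mark 2 or 3. If policy routing keys on those marks (not visible in this diff), replies can leave through a different interface than the one the connection came in on, which for `wg0` means outside the tunnel. If only forwarded traffic is meant to be marked, record that with a comment such as `# connmark is saved in POSTROUTING only: marks apply to forwarded connections, not to local services`; otherwise keep `ip46tables -w -t mangle -A loutreos-mangle-pre -j CONNMARK --save-mark` after the MARK rules together with the OUTPUT restore. The script starts and ends outside both hunks.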
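Review bot: Appending the jump with `-A PREROUTING` instead of `-I PREROUTING 1` makes the position of `loutreos-mangle-pre` depend on whatever is already in the mangle PREROUTING chain, so any rule ahead of it sees packets before the mark is restored or set. That matters for mark-sensitive rules in the same chain, such as a reverse-path filter; none is visible in this diff, so the resulting rule order should be checked on the host. If the chain has to run first, keep `ip46tables -w -t mangle -I PREROUTING 1 -j loutreos-mangle-pre`; if running last is intended, a comment next to the jump saying why would stop the ordering from being changed back by accident.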