diff --git a/salt/firewall/assigned_hostgroups.map.yaml b/salt/firewall/assigned_hostgroups.map.yaml index 25dbba1b0..10ddae371 100644 --- a/salt/firewall/assigned_hostgroups.map.yaml +++ b/salt/firewall/assigned_hostgroups.map.yaml @@ -254,6 +254,9 @@ role: chain: DOCKER-USER: hostgroups: + localhost: + portgroups: + - {{ portgroups.all }} standalone: portgroups: - {{ portgroups.playbook }} diff --git a/salt/podman/files/sobridge.conflist b/salt/podman/files/sobridge.conflist new file mode 100644 index 000000000..45a7e2df9 --- /dev/null +++ b/salt/podman/files/sobridge.conflist @@ -0,0 +1,48 @@ +{ + "args": { + "podman_options": { + "isolate": "true", + "mtu": "1500" + } + }, + "cniVersion": "0.4.0", + "name": "sobridge", + "plugins": [ + { + "type": "bridge", + "bridge": "sobridge", + "isGateway": true, + "ipMasq": false, + "mtu": 1500, + "hairpinMode": false, + "ipam": { + "type": "host-local", + "routes": [ + { + "dst": "0.0.0.0/0" + } + ], + "ranges": [ + [ + { + "subnet": "172.17.1.0/24", + "gateway": "172.17.1.1" + } + ] + ] + }, + "capabilities": { + "ips": true + } + }, + { + "type": "portmap", + "capabilities": { + "portMappings": false + } + }, + { + "type": "tuning" + } + ] +} diff --git a/salt/podman/init.sls b/salt/podman/init.sls index 8fe1950da..d5efa0fdb 100644 --- a/salt/podman/init.sls +++ b/salt/podman/init.sls @@ -4,6 +4,10 @@ Podman pkg: pkg.installed: - name: podman +cnipkg: + pkg.installed: + - name: containernetworking-plugins + {# Podman service: file.managed: @@ -11,6 +15,11 @@ Podman service: - source: salt://podman/podman.service #} +sobridgeconf: + file.managed: + - name: /etc/cni/net.d/sobridge.conflist + - source: salt://podman/files/sobridge.conflist + Podman_socket_service: service.running: - name: podman.socket @@ -31,6 +40,7 @@ podman_docker_symlink: - name: /usr/bin/docker - target: /usr/bin/podman +{# sos_docker_net: docker_network.present: - name: sobridge 
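Review bot: The new `localhost` entry under `DOCKER-USER` is granted `portgroups.all`, which is broader than the named group visible for `standalone` in the same hunk (`portgroups.playbook`). What the `localhost` hostgroup contains is defined outside this hunk. If it is strictly loopback the exposure is small, but if it can be extended elsewhere, this rule would admit every port to container traffic. I would list only the portgroups the host needs, or add a comment above the entry giving the reason, for example `# localhost gets all ports because <reason>; keep this hostgroup limited to the host itself`. The enclosing role mapping starts and ends outside the hunk.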
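Review bot: `"ipMasq": false` together with `"portMappings": false` on the `portmap` plugin means CNI sets up neither source NAT nor published-port rules for this network, while the IPAM block still gives containers a default route (`"dst": "0.0.0.0/0"`). As I read the CNI capability convention, a false `portMappings` stops the runtime from passing port mappings to the plugin, so containers started with published ports would depend entirely on rules created elsewhere, presumably the firewall state. JSON has no comment syntax, so that intent should be recorded next to the `sobridgeconf` state in `salt/podman/init.sls`, e.g. `{# sobridge: NAT and port publishing come from the firewall state, not CNI #}`. The subnet `172.17.1.0/24` is hard-coded here, so it is worth confirming that no other state expects a configurable range.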
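Review bot: The `sobridgeconf` state added in the `@@ -11,6 +15,11 @@` hunk manages `/etc/cni/net.d/sobridge.conflist` without pinning owner or mode and without ordering it after the `cnipkg` state added in the hunk above. This file defines the container network, so its permissions should be explicit rather than inherited, and it should not be writable by anyone but root. If `/etc/cni/net.d` is only created by the plugins package, the state can also fail on a fresh host when it runs before the install. I would add ownership, mode, `makedirs` and a `require` on the package, as sketched below.
```yaml
  file.managed:
    # … unchanged: name, source …
    - user: root
    - group: root
    - mode: '0644'
    - makedirs: true
    - require:
      - pkg: cnipkg
```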
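Review bot: The `{#` opened before `sos_docker_net` here, and closed by the `#}` in the following `@@ -43,3 +53,4 @@` hunk, leaves the old `docker_network.present` state in the file as dead code with no reason given. The disabled block set `enable_icc: 'true'`, whereas the new conflist sets `"isolate": "true"`, so this looks like a behaviour change rather than a like-for-like replacement, and a reader cannot tell which is intended. I would delete the block outright, or put a separate comment above it, since Jinja comments do not nest, such as `{# sos_docker_net disabled: sobridge is now defined by /etc/cni/net.d/sobridge.conflist #}`. Nothing in this diff removes a `sobridge` network that already exists on upgraded hosts, so confirm that case is handled elsewhere.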
@@ -43,3 +53,4 @@ sos_docker_net: com.docker.network.bridge.enable_icc: 'true' com.docker.network.bridge.host_binding_ipv4: '0.0.0.0' - unless: 'docker network ls | grep sobridge' +#}