diff --git a/salt/firewall/init.sls b/salt/firewall/init.sls
index 877032b17..38706bd7c 100644
--- a/salt/firewall/init.sls
+++ b/salt/firewall/init.sls
@@ -50,11 +50,16 @@ enable_reject_policy:
 - iptables: iptables_allow_ssh
 - iptables: iptables_allow_pings
-# Delete the RETURN rule
-del_return_rule:
- iptables.delete:
+# Enable global DOCKER-USER block rule
+enable_docker_user_fw_policy:
+ iptables.insert:
+ - table: filter
 - chain: DOCKER-USER
- - jump: RETURN
+ - jump: DROP
+ - in-interface: '!docker0'
+ - out-interface: docker0
+ - position: 1
+ - save: true
 # Rules if you are a Master
 {% if grains['role'] == 'so-master' %}
@@ -154,11 +159,4 @@ enable_standard_beats_5044_{{ip}}:
 # Rules if you are a Warm Node
-# Some Fixer upper type rules
-
-# Enable global DOCKER-USER block rule
-enable_docker_user_fw_policy:
- iptables.append:
- - table: filter
- - chain: DOCKER-USER
- - jump: DROP
+# Some Fixer upper type rules
\ No newline at end of file
diff --git a/salt/master/files/registry/config.yml b/salt/master/files/registry/config.yml
index a43335361..d25a034b0 100644
--- a/salt/master/files/registry/config.yml
+++ b/salt/master/files/registry/config.yml
@@ -21,4 +21,3 @@ health:
 threshold: 3
 proxy:
 remoteurl: https://registry-1.docker.io
-
\ No newline at end of file
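Review bot: The new `enable_docker_user_fw_policy` rule drops only traffic that enters on a non-docker0 interface and leaves via `docker0`, whereas the appended rule removed at the end of the file dropped everything that reached the end of DOCKER-USER, so containers attached to any other bridge network are no longer covered by a default deny here. If that narrowing is intended, record it above the state, e.g. `# Default-deny for traffic forwarded into docker0; other bridges are not covered`. Because the DROP is now inserted at `position: 1` and the RETURN delete is gone, every allow rule for DOCKER-USER has to end up above it; any rule added with `iptables.append` elsewhere in the file (outside this hunk) would never match. It is also worth confirming that reply traffic for container-initiated connections is accepted before this rule, presumably by a conntrack ESTABLISHED,RELATED accept that is not visible in this hunk.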