diff --git a/e20c/kvm.sh b/e20c/kvm.sh
index cddd41b..2bc43a9 100644
--- a/e20c/kvm.sh
+++ b/e20c/kvm.sh
@@ -116,6 +116,9 @@ uninstall_cockpit() {
 
 # 允许虚拟机通过指定的桥接网卡收发数据
 add_nft_rules_for_bridge() {
+    apt install nftables -y
+    nft add table ip filter
+    nft add chain ip filter FORWARD { type filter hook forward priority 0 \; }
     read -p "请输入桥接网卡名称: " bridge_name
     nft add rule ip filter FORWARD iifname "$bridge_name" accept
     nft add rule ip filter FORWARD oifname "$bridge_name" accept