diff --git a/client/firewall/iptables/manager_linux.go b/client/firewall/iptables/manager_linux.go
index ced6c9e1f..dc7e9daeb 100644
--- a/client/firewall/iptables/manager_linux.go
+++ b/client/firewall/iptables/manager_linux.go
@@ -63,16 +63,9 @@ func (m *Manager) AddFiltering(
 m.mutex.Lock()
 defer m.mutex.Unlock()
 
- client := m.client(ip)
- ok, err := client.ChainExists("filter", ChainFilterName)
+ client, err := m.clientWithChain(ip)
 if err != nil {
- return nil, fmt.Errorf("failed to check if chain exists: %s", err)
- }
-
- if !ok {
- if err := client.NewChain("filter", ChainFilterName); err != nil {
- return nil, fmt.Errorf("failed to create chain: %s", err)
- }
+ return nil, err
 }
 
 var portValue string
@@ -173,6 +166,27 @@ func (m *Manager) client(ip net.IP) *iptables.IPTables {
 return m.ipv6Client
 }
 
+// clientWithChain returns client with initialized chain and default rules
+func (m *Manager) clientWithChain(ip net.IP) (*iptables.IPTables, error) {
+ client := m.client(ip)
+ ok, err := client.ChainExists("filter", ChainFilterName)
+ if err != nil {
+ return nil, fmt.Errorf("failed to check if chain exists: %s", err)
+ }
+
+ if !ok {
+ if err := client.NewChain("filter", ChainFilterName); err != nil {
+ return nil, fmt.Errorf("failed to create chain: %s", err)
+ }
+
+ specs := []string{"-p", "icmp", "--icmp-type", "echo-request", "-j", "ACCEPT"}
+ if err := client.Insert("input", ChainFilterName, 1, specs...); err != nil {
+ return nil, fmt.Errorf("failed to create chain: %s", err)
+ }
+ }
+ return client, nil
+}
+
 func (m *Manager) actionToStr(action fw.Action) string {
 if action == fw.ActionAccept {
 return "ACCEPT"
diff --git a/client/internal/firewall.go b/client/internal/firewall.go
index 70c4d8d10..16f008ff3 100644
--- a/client/internal/firewall.go
+++ b/client/internal/firewall.go
@@ -1,5 +1,3 @@
-//go:build !linux
-
 package internal
 
 import (
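Review bot: In clientWithChain, `client.Insert("input", ChainFilterName, 1, specs...)` passes "input" where the two neighbouring calls (`ChainExists("filter", ChainFilterName)` and `NewChain("filter", ChainFilterName)`) pass the table name "filter"; unless Insert takes a different first argument than those methods, this addresses a table that does not exist and the default rule is never installed, so it should read `client.Insert("filter", ChainFilterName, 1, specs...)`. Independently of that, if NewChain succeeds and Insert fails, the chain is left created without its default rule and every later call sees ChainExists report true and skips the insert, so the rule stays missing for the life of the chain; either delete the chain on insert failure or insert the rule outside the `!ok` branch guarded by an existence check. The insert-failure path also reuses the message "failed to create chain", which hides which step failed; `fmt.Errorf("failed to insert default icmp rule: %s", err)` is clearer. The doc comment should state that the default rule accepts ICMP echo-request from any source, since that is a policy decision a caller of AddFiltering cannot see from its own rules.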
@@ -7,8 +5,15 @@ import (
 "runtime"
 
 "github.com/netbirdio/netbird/client/firewall"
+ "github.com/netbirdio/netbird/client/firewall/iptables"
 )
 
 func buildFirewallManager() (fw firewall.Manager, err error) {
- return nil, fmt.Errorf("not implemented for this OS: %s", runtime.GOOS)
+ switch runtime.GOOS {
+ case "linux":
+ return iptables.Create()
+
+ default:
+ return nil, fmt.Errorf("not implemented for this OS: %s", runtime.GOOS)
+ }
 }
diff --git a/client/internal/firewall_linux.go b/client/internal/firewall_linux.go
deleted file mode 100644
index 89fd95454..000000000
--- a/client/internal/firewall_linux.go
+++ /dev/null
@@ -1,17 +0,0 @@
-package internal
-
-import (
- "fmt"
-
- "github.com/netbirdio/netbird/client/firewall"
- "github.com/netbirdio/netbird/client/firewall/iptables"
-)
-
-func buildFirewallManager() (fw firewall.Manager, err error) {
- fw, err = iptables.Create()
- if err != nil {
- // TODO: handle init nftables manager when it will be implemented
- return nil, fmt.Errorf("create iptables manager: %w", err)
- }
- return fw, nil
-}
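Review bot: `return iptables.Create()` in the "linux" case of buildFirewallManager drops the context that the deleted firewall_linux.go added with `fmt.Errorf("create iptables manager: %w", err)`, so an init failure now surfaces as a bare client error with no indication of which backend was being built; the named results make it cheap to keep the wrap. Removing the `//go:build !linux` constraint earlier in this file also means the iptables package is now imported on every OS, and if that package holds only Linux-constrained files (the file touched above is manager_linux.go) a darwin or windows build fails at compile time regardless of the runtime.GOOS switch, so a cross-compile for those targets is worth running before merge. The TODO about the nftables manager from the deleted file is lost as well and could be carried over as a comment on the "linux" case.
```go
	case "linux":
		fw, err = iptables.Create()
		if err != nil {
			return nil, fmt.Errorf("create iptables manager: %w", err)
		}
		return fw, nil
	// … unchanged: default case …
```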