diff --git a/etc-hosts b/etc-hosts index 788378c..32010bc 100644 --- a/etc-hosts +++ b/etc-hosts @@ -32,6 +32,7 @@ 10.0.0.210 greenroof.house -10.0.0.10 ranch-talk.h.lyte.dev +10.0.0.210 ranch-talk.h.lyte.dev 10.0.0.244 ourcraft.lyte.dev +10.0.0.244 factorio.lyte.dev diff --git a/nftables.conf b/nftables.conf index d89d5e1..81ecd93 100644 --- a/nftables.conf +++ b/nftables.conf @@ -13,7 +13,7 @@ table inet filter { ip protocol icmp accept meta l4proto ipv6-icmp accept # do these need ipv6-specific entries, too? - tcp dport { 51821, 22, 2200, 2221, 2222, 25565 } accept comment "globally allowed ipv6 ports" + tcp dport { 51821, 22, 2201, 2221, 25565 } accept comment "globally allowed ipv6 ports" udp dport { 51821, 51820, 546, 53, 67 } accept comment "allow dhcpv6-client, dns, dhcp, and wireguard" udp dport { 60000-60009 } accept comment "allow mosh common ports" drop @@ -43,18 +43,19 @@ table ip nat { iifname $LAN accept # faceless - # allow HTTP, HTTPS, gitea's SSH, and host ssh to faceless - iifname $WAN tcp dport { 443, 80, 2222, 2200 } dnat to 10.0.0.210 + # allow HTTP, HTTPS, and ssh to faceless + iifname $WAN tcp dport { 443, 80, 22 } dnat to 10.0.0.210 # allow mosh iifname $WAN udp dport 60010-60019 dnat to 10.0.0.210 - # allow host ssh - iifname $WAN tcp dport { 2221, 5588, 5555 } dnat to 10.0.0.10 + # allow host ssh plus some stuff for the ranch talk + iifname $WAN tcp dport { 2221, 5588, 5589 } dnat to 10.0.0.10 # allow mosh iifname $WAN udp dport 60020-60029 dnat to 10.0.0.10 # ourcraft - iifname $WAN tcp dport { 25565 } dnat to 10.0.0.244 + iifname $WAN tcp dport { 25565, 34197 } dnat to 10.0.0.244 + iifname $WAN udp dport { 25565, 34197 } dnat to 10.0.0.244 } } 
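Review bot: The new port 2201 in the `tcp dport` set of `table inet filter` has no counterpart anywhere else in this commit. The nat rules forward 22, 2221, 5588 and 5589, and the removed 2200 and 2222 are the ones the nat hunk drops, so 2201 looks like either a typo or a listener that is not documented here. Confirm which service owns it or drop it from the set, since an accept for a port nothing is meant to serve is unneeded exposure. The rule comment says "globally allowed ipv6 ports", but an `inet` table matches IPv4 as well, so `comment "globally allowed tcp ports (v4 and v6)"` would describe it better. The enclosing chain starts outside the hunk, so its hook is not visible here.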
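Review bot: The `# ourcraft` rules forward more than the two games appear to need: 25565 and 34197 are now DNAT'd on both TCP and UDP, while by default Factorio's game traffic is UDP 34197 and Minecraft Java's is TCP 25565. Unless a TCP listener on 34197 or Minecraft query on UDP 25565 is intended, narrow this to `iifname $WAN tcp dport 25565 dnat to 10.0.0.244` and `iifname $WAN udp dport 34197 dnat to 10.0.0.244`. Separately, WAN port 22 now goes straight to 10.0.0.210 in place of 2200/2222, so it is worth confirming that password authentication is disabled on that sshd and saying in the comment which sshd (host or gitea) answers there. The ranch-talk ports 5588/5589 still go to 10.0.0.10 although etc-hosts in this commit moves ranch-talk.h.lyte.dev to 10.0.0.210; one of the two is probably stale.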
@@ -95,9 +96,9 @@ table ip6 io.systemd.nat { # icmpv6 accept # icmp accept meta l4proto ipv6-icmp accept - tcp dport { 51821, 2200, 2221, 2222, 25565 } accept comment "globally allowed ipv6 ports" - udp dport { 51821, 51820, 546, 53, 67 } accept comment "allow dhcpv6-client, dns, dhcp, and wireguard" - udp dport { 60000-60009 } accept comment "allow mosh common ports" + tcp dport { 51821, 22, 2201, 2221, 25565, 34197 } accept comment "globally allowed ipv6 ports" + udp dport { 51821, 51820, 546, 53, 67, 25565, 34197 } accept comment "allow dhcpv6-client, dns, dhcp, and wireguard" + # udp dport { 60000-60009 } accept comment "allow mosh common ports" drop }
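Review bot: These accepts match on port alone, so if this chain filters forwarded IPv6 traffic (its header is outside the hunk), adding 22, 34197 and UDP 25565 opens them toward every host with a global address, not just the single hosts the IPv4 DNAT rules name. Pinning each to its destination, e.g. `ip6 daddr <game-host-v6> udp dport 34197 accept` (placeholder address), would keep v6 exposure in line with v4. The UDP rule's comment still reads "allow dhcpv6-client, dns, dhcp, and wireguard" although the set now also admits 25565 and 34197; the game ports deserve their own rule and comment. The mosh rule is commented out, not deleted; remove it or add a word on why it is kept.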