diff --git a/nixos/modules/virtualisation/podman/default.nix b/nixos/modules/virtualisation/podman/default.nix
index f82fb5a99aee..b6ab82b1acb5 100644
--- a/nixos/modules/virtualisation/podman/default.nix
+++ b/nixos/modules/virtualisation/podman/default.nix
@@ -242,10 +242,6 @@ in
       # containers cannot reach aardvark-dns otherwise
       networking.firewall.interfaces.${network_interface}.allowedUDPPorts = lib.mkIf dns_enabled [ 53 ];
 
-      virtualisation.podman.extraPackages = [
-        pkgs.iptables
-      ]
-      ++ lib.optional config.networking.nftables.enable pkgs.nftables;
       virtualisation.containers = {
         enable = true; # Enable common /etc/containers configuration
         containersConf.settings = {
diff --git a/pkgs/by-name/po/podman/package.nix b/pkgs/by-name/po/podman/package.nix
index 985a1307aa98..978736798756 100644
--- a/pkgs/by-name/po/podman/package.nix
+++ b/pkgs/by-name/po/podman/package.nix
@@ -25,6 +25,8 @@
   extraRuntimes ? lib.optionals stdenv.hostPlatform.isLinux [ runc ], # e.g.: runc, gvisor, youki
   fuse-overlayfs,
   util-linuxMinimal,
+  nftables,
+  iptables,
   iproute2,
   catatonit,
   gvproxy,
@@ -44,7 +46,9 @@ let
     lib.optionals stdenv.hostPlatform.isLinux [
       fuse-overlayfs
       util-linuxMinimal
+      iptables
       iproute2
+      nftables
     ]
     ++ lib.optionals stdenv.hostPlatform.isDarwin [
       vfkit