diff --git a/internal/firewall/support.go b/internal/firewall/support.go
index 3b2126ef..33f9568f 100644
--- a/internal/firewall/support.go
+++ b/internal/firewall/support.go
@@ -22,7 +22,7 @@ func checkIptablesSupport(ctx context.Context, runner command.Runner,
 	var errMessage string
 	testInterfaceName := randomInterfaceName()
 	for _, iptablesPath = range iptablesPathsToTry {
-		cmd := exec.CommandContext(ctx, iptablesPath, "-A", "INPUT", "-i", testInterfaceName, "-j", "DROP")
+		cmd := exec.CommandContext(ctx, iptablesPath, "-A", "OUTPUT", "-o", testInterfaceName, "-j", "DROP")
 		errMessage, err = runner.Run(cmd)
 		if err == nil {
 			break
@@ -42,7 +42,7 @@ func checkIptablesSupport(ctx context.Context, runner command.Runner,
 	}
 
 	// Cleanup test rule
-	cmd := exec.CommandContext(ctx, iptablesPath, "-D", "INPUT", "-i", testInterfaceName, "-j", "DROP")
+	cmd := exec.CommandContext(ctx, iptablesPath, "-D", "OUTPUT", "-o", testInterfaceName, "-j", "DROP")
 	errMessage, err = runner.Run(cmd)
 	if err != nil {
 		return "", fmt.Errorf("%w: %s (%s)", ErrTestRuleCleanup, errMessage, err)