diff --git a/bin/v-update-firewall b/bin/v-update-firewall
index d2d06355..183522a7 100755
--- a/bin/v-update-firewall
+++ b/bin/v-update-firewall
@@ -60,7 +60,7 @@ echo "$iptables -P INPUT ACCEPT" >> $tmp
 echo "$iptables -F INPUT" >> $tmp
 
 # Enabling stateful support
-if [ "$conntrack" != 'no' ]; then
+if [ "$conntrack" != 'no' ] || grep --quiet container=lxc /proc/1/environ; then
     str="$iptables -A INPUT -m state"
     str="$str --state ESTABLISHED,RELATED -j ACCEPT"
     echo "$str" >> $tmp