diff --git a/hosts/prometheus/default.nix b/hosts/prometheus/default.nix
index 42fab5ce..98f157db 100644
--- a/hosts/prometheus/default.nix
+++ b/hosts/prometheus/default.nix
@@ -4,7 +4,14 @@
   networking = {
     hostName = "prometheus";
     firewall = {
-      allowedTCPPorts = [ /*22*/ 80 443 /*9090 9091 9093 9094*/ ];
+      allowedTCPPorts = [
+        # nginx
+        80 443
+      ];
+      allowedUDPPorts = [
+        # services.prometheus.exporters.collectd.collectdBinary
+        25826
+      ];
       enable = true;
     };
   };
@@ -97,31 +104,31 @@
               )
               (builtins.attrNames zwNets.${net}.hosts4);
         in
-        [{
+        [ {
           targets =
             fromNet "serv" (_: true);
           labels.__meta_net = "net-serv";
-        }
-          {
-            targets =
-              fromNet "flpk" (host: host != "flpk-gw");
-            labels.__meta_net = "net-flpk";
-          }
-          {
-            targets =
-              fromNet "cluster" (host: builtins.elem host [
-                "server8"
-                "server9"
-                "server10"
-              ]);
-            labels.__meta_net = "net-flpk";
-          }];
+        } {
+          targets =
+            fromNet "flpk" (host: host != "flpk-gw");
+          labels.__meta_net = "net-flpk";
+        } {
+          targets =
+            fromNet "cluster" (host: builtins.elem host [
+              "server8"
+              "server9"
+              "server10"
+            ]);
+          labels.__meta_net = "net-flpk";
+        } {
+          targets = [ "http://localhost:${toString config.services.prometheus.exporters.collectd.port}/metrics" ];
+        } ];
     }];
 
     exporters = {
       collectd = {
         enable = true;
-        openFirewall = true;
+        collectdBinary.enable = true;
       };
       nginx = {
         enable = true;