diff --git a/dune b/dune
index e610902..80804dc 100644
--- a/dune
+++ b/dune
@@ -1,3 +1,3 @@
 (executable
 (name firewall)
- (libraries yojson))
+ (libraries yojson ipaddr))
diff --git a/nftables.ml b/nftables.ml
index f8fec87..74a8afd 100644
--- a/nftables.ml
+++ b/nftables.ml
@@ -1,4 +1,5 @@
 open Utils
+open Ipaddr
 type _ udp =
 | UdpDport : int udp
@@ -16,6 +17,8 @@ type _ expr =
 | String : string -> string expr
 | Number : int -> int expr
 | Boolean : bool -> int expr
+ | Ipv4 : (V4.t * V4.Prefix.t) -> (V4.t * V4.Prefix.t) expr
+ | Ipv6 : (V6.t * V6.Prefix.t) -> (V6.t * V6.Prefix.t) expr
 | List : 'a expr list -> 'a expr
 | Set : 'a expr list -> 'a expr
 | Range : 'a expr * 'a expr -> 'a expr
@@ -102,6 +105,14 @@ let rec json_of_expr : type a. a expr -> Yojson.Basic.t = function
 | String s -> `String s
 | Number n -> `Int n
 | Boolean b -> `Bool b
+ | Ipv4 (a, p) -> assoc_one "prefix" (`Assoc [
+ ("addr", `String (V4.to_string a));
+ ("len", `Int (V4.Prefix.bits p))
+ ])
+ | Ipv6 (a, p) -> assoc_one "prefix" (`Assoc [
+ ("addr", `String (V6.to_string a));
+ ("len", `Int (V6.Prefix.bits p))
+ ])
 | List l -> `List (List.map json_of_expr l)
 | Set s -> assoc_one "set" (`List (List.map json_of_expr s))
 | Range (a, b) ->
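Review bot: The unqualified `open Ipaddr` added at the top of nftables.ml brings every top-level name of Ipaddr into scope after `open Utils`, so a same-named value from Utils would be silently shadowed for the rest of the file (Ipaddr exports generic names such as `to_string`, `of_string`, `compare` and `pp`). The other hunks only use `V4` and `V6`, so narrow aliases would be safer: `module V4 = Ipaddr.V4` and `module V6 = Ipaddr.V6`. Whether Utils actually defines a clashing name is not visible in this diff.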
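Review bot: The new `Ipv4` and `Ipv6` constructors carry an address next to a `Prefix.t`, but a `V4.Prefix.t` or `V6.Prefix.t` already holds both an address and a prefix length, so the pair can represent values where the address lies outside the prefix. The matching branches in the json_of_expr hunk emit `V4.to_string a` together with `V4.Prefix.bits p` and never read the prefix's own address, so the generated firewall rule may match a different network than the one the prefix was built for. Consider carrying only the prefix, `| Ipv4 : V4.Prefix.t -> V4.Prefix.t expr`, and serializing `V4.Prefix.network p` as `addr` (likewise for V6), which also lets the two near-identical branches share one helper. If the pair is intentional, add a comment stating which component is authoritative, or check `V4.Prefix.mem a p` where the value is constructed. The type definition and json_of_expr both start and end outside their hunks.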