diff --git a/generic/alpine-sleep-hostnetwork-netperm.yaml b/generic/alpine-sleep-hostnetwork-netperm.yaml
new file mode 100644
index 0000000..5623c25
--- /dev/null
+++ b/generic/alpine-sleep-hostnetwork-netperm.yaml
@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Pod
+metadata:
+ name: alpine-sleep-hostnetwork-netperm
+spec:
+ hostNetwork: true
+ containers:
+ - name: alpine
+ image: alpine:3.15
+ args:
+ - sleep
+ - "1000000"
+ securityContext:
+ capabilities:
+ # NET_ADMIN for wg
+ # NET_RAW for iptables
+ add: ["NET_ADMIN", "NET_RAW" ]
diff --git a/generic/alpine-sleep-hostnetwork.yaml b/generic/alpine-sleep-hostnetwork.yaml
new file mode 100644
index 0000000..8275b9f
--- /dev/null
+++ b/generic/alpine-sleep-hostnetwork.yaml
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: Pod
+metadata:
+ name: alpine-sleep-hostnetwork
+spec:
+ hostNetwork: true
+ containers:
+ - name: alpine
+ image: alpine:3.15
+ args:
+ - sleep
+ - "1000000"
diff --git a/generic/alpine-sleep-netperm.yaml b/generic/alpine-sleep-netperm.yaml
new file mode 100644
index 0000000..e6c948e
--- /dev/null
+++ b/generic/alpine-sleep-netperm.yaml
@@ -0,0 +1,24 @@
+apiVersion: v1
+kind: Pod
+metadata:
+ name: alpine-sleep-netperm
+spec:
+ securityContext:
+ sysctls:
+ - name: net.ipv6.conf.all.forwarding
+ value: "1"
+ containers:
+ - name: alpine
+ image: alpine:3.15
+ args:
+ - sleep
+ - "1000000"
+ securityContext:
+ capabilities:
+ # NET_ADMIN for wg
+ # NET_RAW for iptables
+ add: ["NET_ADMIN", "NET_RAW" ]
+
+# [12:31] nb3:generic% kubectl get pods -n testnico -w
+# NAME READY STATUS RESTARTS AGE
+# alpine-sleep-netperm 0/1 SysctlForbidden 0 49s
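Review bot: In generic/alpine-sleep-hostnetwork-netperm.yaml, `hostNetwork: true` combined with `add: ["NET_ADMIN", "NET_RAW" ]` gives the container administrative control over the node's own network namespace (interfaces, routes, firewall rules), and nothing in the `securityContext` narrows its other privileges. Since the comments name only these two capabilities as needed, I would add `drop: ["ALL"]` beside `add:` and set `allowPrivilegeEscalation: false` on the container. If wg and iptables are installed at runtime with apk, check whether that step still needs some of the default capabilities. A short comment should also say that this manifest is for test namespaces whose admission policy permits host networking and added capabilities. The same add-without-drop pattern appears in generic/alpine-sleep-netperm.yaml.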
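Review bot: generic/alpine-sleep-hostnetwork.yaml sets `hostNetwork: true` with no `securityContext` and no comment saying why the pod needs the node's network namespace, unlike the capability comments in the two netperm variants. As written the container keeps the runtime's default capability set, which on many runtimes includes NET_RAW. If the pod only needs to sit on the host network, add a container `securityContext` with `capabilities:` / `drop: ["ALL"]` and `allowPrivilegeEscalation: false`. Host-network pods also do not resolve cluster Service names unless `dnsPolicy: ClusterFirstWithHostNet` is set, which applies to generic/alpine-sleep-hostnetwork-netperm.yaml as well.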
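Review bot: The trailing comment in generic/alpine-sleep-netperm.yaml shows the pod stuck in `SysctlForbidden`, but the manifest never says why or what a cluster needs for it to start. `net.ipv6.conf.all.forwarding` is outside Kubernetes' safe sysctl set, so the kubelet rejects the pod unless the node allows it (kubelet `--allowed-unsafe-sysctls` or `allowedUnsafeSysctls` in the kubelet configuration). Restrictive Pod Security admission levels will refuse it as well. I would replace the pasted transcript with a comment above `sysctls:` such as `# unsafe sysctl: node must allow net.ipv6.conf.all.forwarding via kubelet allowedUnsafeSysctls, else SysctlForbidden`. It is also worth stating that this sysctl is namespaced and here changes only the pod's own network namespace, since the sibling manifests use `hostNetwork: true`.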