diff --git a/.devcontainer/Containerfile b/.devcontainer/Containerfile
new file mode 100644
index 0000000..2abcd12
--- /dev/null
+++ b/.devcontainer/Containerfile
@@ -0,0 +1,5 @@
+FROM mcr.microsoft.com/devcontainers/rust:1-1-bookworm
+
+RUN apt-get update && apt-get -y install nftables \
+  && apt-get clean
+
diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json
new file mode 100644
index 0000000..a5a48f0
--- /dev/null
+++ b/.devcontainer/devcontainer.json
@@ -0,0 +1,36 @@
+// For format details, see https://aka.ms/devcontainer.json. For config options, see the
+// README at: https://github.com/devcontainers/templates/tree/main/src/rust
+{
+	"name": "Rust",
+	// Or use a Dockerfile or Docker Compose file. More info: https://containers.dev/guide/dockerfile
+  "build": { "dockerfile": "Containerfile" },
+
+	// Use 'mounts' to make the cargo cache persistent in a Docker Volume.
+	// "mounts": [
+	// 	{
+	// 		"source": "devcontainer-cargo-cache-${devcontainerId}",
+	// 		"target": "/usr/local/cargo",
+	// 		"type": "volume"
+	// 	}
+	// ]
+
+	// Features to add to the dev container. More info: https://containers.dev/features.
+	// "features": {},
+
+	// Use 'forwardPorts' to make a list of ports inside the container available locally.
+	// "forwardPorts": [],
+
+	// Use 'postCreateCommand' to run commands after the container is created.
+	// "postCreateCommand": "rustc --version",
+
+	// Configure tool-specific properties.
+	// "customizations": {},
+
+	// Uncomment to connect as root instead. More info: https://aka.ms/dev-containers-non-root.
+	"remoteUser": "root",
+	"runArgs": [
+		"--privileged"  // https://github.com/containers/podman/issues/11887
+	]
+	// instead of --privileged, this should be sufficient:
+	// "capAdd": ["SYS_ADMIN", "NET_ADMIN"]
+}
diff --git a/Cargo.toml b/Cargo.toml
index 9b5ade8..688a7d8 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -10,6 +10,7 @@ readme = "README.md"
 keywords = ["nftables", "netfilter", "firewall"]
 categories = ["os", "network-programming"]
 exclude = [
+    ".devcontainer/*",
     ".github/*",
     "cliff.toml",
     "release-plz.toml",