diff --git a/podkop/files/usr/bin/podkop b/podkop/files/usr/bin/podkop
index 361debc..5622fef 100755
--- a/podkop/files/usr/bin/podkop
+++ b/podkop/files/usr/bin/podkop
@@ -388,8 +388,8 @@ create_nft_table() {
 
     nft add rule inet $table mangle iifname "$SRC_INTERFACE" ip daddr @podkop_subnets meta l4proto tcp meta mark set 0x105 counter
     nft add rule inet $table mangle iifname "$SRC_INTERFACE" ip daddr @podkop_subnets meta l4proto udp meta mark set 0x105 counter
-    nft add rule inet $table mangle iifname "$SRC_INTERFACE" ip daddr "$FAKEIP" meta l4proto tcp meta mark set 0x105 counter
-    nft add rule inet $table mangle iifname "$SRC_INTERFACE" ip daddr "$FAKEIP" meta l4proto udp meta mark set 0x105 counter
+    nft add rule inet $table mangle iifname "$SRC_INTERFACE" ip daddr "$SB_FAKEIP_INET4_RANGE" meta l4proto tcp meta mark set 0x105 counter
+    nft add rule inet $table mangle iifname "$SRC_INTERFACE" ip daddr "$SB_FAKEIP_INET4_RANGE" meta l4proto udp meta mark set 0x105 counter
 
     nft add rule inet $table proxy meta mark 0x105 meta l4proto { tcp, udp } tproxy ip to 127.0.0.1:1602 counter
 
@@ -756,7 +756,7 @@ sing_box_configure_dns() {
     fi
 
     log "Adding DNS Servers"
-    config=$(sing_box_cm_add_fakeip_dns_server "$config" "$SB_FAKEIP_DNS_SERVER_TAG" "$FAKEIP")
+    config=$(sing_box_cm_add_fakeip_dns_server "$config" "$SB_FAKEIP_DNS_SERVER_TAG" "$SB_FAKEIP_INET4_RANGE")
 
     local dns_domain_resolver
     if [ "$need_dns_domain_resolver" -eq 1 ]; then
diff --git a/podkop/files/usr/lib/constants.sh b/podkop/files/usr/lib/constants.sh
index 1bf735a..ccf8615 100644
--- a/podkop/files/usr/lib/constants.sh
+++ b/podkop/files/usr/lib/constants.sh
@@ -10,7 +10,7 @@ SB_DEFAULT_LOG_LEVEL="warn"
 SB_DNS_SERVER_TAG="dns-server"
 SB_SPLIT_DNS_SERVER_TAG="split-dns-server"
 SB_FAKEIP_DNS_SERVER_TAG="fakeip-server"
-FAKEIP="198.18.0.0/15" # TODO(ampetelin): renaming is needed
+SB_FAKEIP_INET4_RANGE="198.18.0.0/15"
 SB_DNS_DOMAIN_RESOLVER_TAG="dns-domain-resolver"
 SB_FAKEIP_DNS_RULE_TAG="fakeip-dns-rule-tag"
 SB_INVERT_FAKEIP_DNS_RULE_TAG="invert-fakeip-dns-rule-tag"
@@ -22,7 +22,7 @@ SB_DNS_INBOUND_TAG="dns-in"
 SB_DNS_INBOUND_ADDRESS="127.0.0.42"
 SB_DNS_INBOUND_PORT=53
 SB_MIXED_INBOUND_TAG="mixed-in"
-SB_MIXED_INBOUND_ADDRESS="0.0.0.0"
+SB_MIXED_INBOUND_ADDRESS="0.0.0.0" # TODO(ampetelin): maybe to determine address?
 SB_MIXED_INBOUND_PORT=2080
 SB_SERVICE_MIXED_INBOUND_TAG="service-mixed-in"
 SB_SERVICE_MIXED_INBOUND_ADDRESS="127.0.0.1"