diff --git a/gse/gse-ingress-allow.yaml b/gse/gse-ingress-allow.yaml
index 8ca5e3a..47a6cd1 100644
--- a/gse/gse-ingress-allow.yaml
+++ b/gse/gse-ingress-allow.yaml
@@ -1,18 +1,21 @@
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
-  name: gse-coredns-allow
+  name: gse-ingress-allow
   namespace: gse
 spec:
-  podSelector: {}
+  podSelector: 
+    matchLabels:
+      app: gse
   policyTypes:
-    - Egress
-  egress:
-    - to:
-        - namespaceSelector: {}
+    - Ingress
+  ingress:
+    - from:
+        - namespaceSelector:
+            matchLabels:
+              kubernetes.io/metadata.name: projectcontour
           podSelector:
             matchLabels:
-              k8s-app: kube-dns
+              app: envoy
       ports:
-        - port: 53
-          protocol: UDP
+        - port: 28657