diff --git a/self_hosting/bypass_cgnat/README.md b/self_hosting/bypass_cgnat/README.md
index 5e406f3..36edeeb 100644
--- a/self_hosting/bypass_cgnat/README.md
+++ b/self_hosting/bypass_cgnat/README.md
@@ -1,3 +1,12 @@
 # Bypass CGNAT
 Setup a wireguard VPN to route traffic from a VPS to your local machine. Based from [this](https://github.com/mochman/Bypass_CGNAT) guide.
+
+# Possible extra configuration
+
+```
+auto eth0
+iface eth0 inet static
+ . . .
+ dns-nameservers 1.1.1.1 9.9.9.9
+```
diff --git a/self_hosting/bypass_cgnat/bypasscgnat.sh b/self_hosting/bypass_cgnat/bypasscgnat.sh
index d7723e6..c9755e1 100644
--- a/self_hosting/bypass_cgnat/bypasscgnat.sh
+++ b/self_hosting/bypass_cgnat/bypasscgnat.sh
@@ -15,13 +15,11 @@ iptables_setup() {
 iptables -A FORWARD -i "$SERVER_INT" -o wg0 -p tcp --syn --dport "$port" -m conntrack --ctstate NEW -j ACCEPT
 iptables -t nat -A PREROUTING -i "$SERVER_INT" -p tcp --dport "$port" -j DNAT --to-destination "$WG_CLIENT_IP"
 iptables -t nat -A POSTROUTING -o wg0 -p tcp --dport "$port" -d "$WG_CLIENT_IP" -j SNAT --to-source "$WG_SERVER_IP"
- ufw allow "$port"/tcp
 done
 for port in $udpports; do
 iptables -A FORWARD -i "$SERVER_INT" -o wg0 -p udp --dport "$port" -m conntrack --ctstate NEW -j ACCEPT
 iptables -t nat -A PREROUTING -i "$SERVER_INT" -p udp --dport "$port" -j DNAT --to-destination "$WG_CLIENT_IP"
 iptables -t nat -A POSTROUTING -o wg0 -p udp --dport "$port" -d "$WG_CLIENT_IP" -j SNAT --to-source "$WG_SERVER_IP"
- ufw allow "$port"/udp
 done
 fi
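Review bot: Dropping the `ufw allow` calls leaves the appended FORWARD rules as the only filtering decision this script makes, and that assumption is not documented anywhere in the hunk. The rules are added with `-A`, so any earlier DROP or REJECT in FORWARD still wins, and the visible rules accept only `--ctstate NEW` packets, so an ESTABLISHED,RELATED accept has to exist elsewhere in iptables_setup (its body starts outside this hunk) or in the host ruleset when the FORWARD policy is DROP. I would add a comment above the first rule such as `# DNATed traffic is filtered in FORWARD, not INPUT, so no ufw port rule is needed; relies on an ESTABLISHED,RELATED accept in FORWARD`. The same applies to the teardown loops in the next hunk.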
@@ -30,18 +28,13 @@ iptables_setup() { iptables -D FORWARD -i "$SERVER_INT" -o wg0 -p tcp --syn --dport "$port" -m conntrack --ctstate NEW -j ACCEPT iptables -t nat -D PREROUTING -i "$SERVER_INT" -p tcp --dport "$port" -j DNAT --to-destination "$WG_CLIENT_IP" iptables -t nat -D POSTROUTING -o wg0 -p tcp --dport "$port" -d "$WG_CLIENT_IP" -j SNAT --to-source "$WG_SERVER_IP" - ufw deny "$port"/tcp done for port in $udpports; do iptables -D FORWARD -i "$SERVER_INT" -o wg0 -p udp --dport "$port" -m conntrack --ctstate NEW -j ACCEPT iptables -t nat -D PREROUTING -i "$SERVER_INT" -p udp --dport "$port" -j DNAT --to-destination "$WG_CLIENT_IP" iptables -t nat -D POSTROUTING -o wg0 -p udp --dport "$port" -d "$WG_CLIENT_IP" -j SNAT --to-source "$WG_SERVER_IP" - ufw deny "$port"/udp done fi - - ufw reload - return 0 } [ "$1" = "up" ] && iptables_setup up && exit 0 @@ -75,8 +68,8 @@ PrivateKey = ${SERVER_PRV_KEY} ListenPort = 55107 Address = 10.0.0.1/24 -PostUp = /opt/bypasscgnat/bypasscgnat.sh up -PostDown = /opt/bypasscgnat/bypasscgnat.sh down +PostUp = /opt/bypasscgnat.sh up +PostDown = /opt/bypasscgnat.sh down [Peer] PublicKey = ${CLIENT_PUB_KEY}
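Review bot: `[ "$1" = "up" ] && iptables_setup up && exit 0` exits only when iptables_setup returns 0, and with `ufw reload` gone (and, as far as the collapsed layout shows, `return 0` as well) the function's status becomes that of its last iptables call. A failed append, or a failed `iptables -D` on a rule that is already missing, would then let execution fall through into the rest of the script, which judging by the config template in the next hunk appears to be the installer. Make the exit unconditional and pass the status on: `if [ "$1" = "up" ]; then iptables_setup up; exit $?; fi`, and the same for the `down` line, which is outside this hunk. iptables_setup itself begins before the hunk.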
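Review bot: wg-quick runs PostUp and PostDown as root, so `/opt/bypasscgnat.sh` must be root-owned and not writable by group or others, otherwise whoever can edit the file controls what runs as root on the next interface up or down. This hunk changes only the path in the config template; the step that places the script there is not visible, so check that it installs to the new location with tight modes, for example `install -o root -g root -m 0700 "$0" /opt/bypasscgnat.sh`. If the copy still targets `/opt/bypasscgnat/`, the hook fails and the forwarding rules are never added.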