diff --git a/firewall/firewall-add b/firewall/firewall-add
index 0dab316..42d706f 100755
--- a/firewall/firewall-add
+++ b/firewall/firewall-add
@@ -44,11 +44,13 @@ prerouting() {
 # DELETE UNECESSARY LINES FROM PREVIOUS RULES
 if [ -n "$LINES" ] ; then
 for i in $LINES; do
+ debug "$IPTABLES -D $i"
 $IPTABLES -D $i
 sleep 0.1
 done
 fi
+ debug "$IPTABLES -I PREROUTING -d $SOURCE_IP -p $PROTOCOL --dport $SOURCE_PORT -m comment --comment "$COMMENT" -j DNAT --to $TARGET_IP:$TARGET_PORT"
 $IPTABLES -I PREROUTING -d $SOURCE_IP -p $PROTOCOL --dport $SOURCE_PORT -m comment --comment "$COMMENT" -j DNAT --to $TARGET_IP:$TARGET_PORT
 }
@@ -58,11 +60,13 @@ postrouting() {
 # DELETE UNECESSARY LINES FROM PREVIOUS RULES
 if [ -n "$LINES" ] ; then
 for i in $LINES; do
+ debug "$IPTABLES -D $i"
 $IPTABLES -D $i
 sleep 0.1
 done
 fi
+ debug "$IPTABLES -I POSTROUTING -d $TARGET_IP -p $PROTOCOL --dport $TARGET_PORT -m comment --comment "$COMMENT" -j MASQUERADE"
 $IPTABLES -I POSTROUTING -d $TARGET_IP -p $PROTOCOL --dport $TARGET_PORT -m comment --comment "$COMMENT" -j MASQUERADE
 }
@@ -115,12 +119,12 @@ for source_ip_index in $(seq 1 $COUNT_SOURCE_IP) ; do
 if [[ "$PREROUTING" == "true" ]] || [[ "$POSTROUTING" == "true" ]] || [[ "$HOST" == "true" ]] ; then
 if [ "$HOST" == "true" ] ; then
- NS_IPTABLES="/sbin/iptables -t nat";
+ IPTABLES="/sbin/iptables -t nat";
 else
- NS_IPTABLES="nsenter -t $(docker inspect --format {{.State.Pid}} $NAME) -n -- $IPTABLES -t nat";
+ IPTABLES="nsenter -t $(docker inspect --format {{.State.Pid}} $NAME) -n -- $IPTABLES -t nat";
 fi
- debug "iptables: "$NS_IPTABLES;
+ debug "iptables: "$IPTABLES;
 if [[ "$PREROUTING" == "true" ]] ; then
 prerouting;
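Review bot: In the added `debug` line ahead of the `-I PREROUTING` insert, the inner `"$COMMENT"` closes and reopens the outer double-quoted string, so `$COMMENT` is expanded unquoted. A comment containing spaces or glob characters is then split into several arguments to `debug`, and the logged text can differ from the rule that is actually installed, which weakens the log as an audit trail for NAT changes. Escaping the inner quotes, `--comment \"$COMMENT\"`, keeps the whole command as one argument. The same applies to the `-I POSTROUTING` debug line in the `postrouting()` hunk. Both function bodies start outside their hunks, so where `COMMENT` and the address and port values come from is not visible here.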
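Review bot: The new `IPTABLES="nsenter -t ... -n -- $IPTABLES -t nat"` assignment reads the variable it overwrites, and the hunk header suggests it runs inside the `for source_ip_index` loop, whose start and end are outside the hunk. If so, from the second iteration on `$IPTABLES` already holds the `nsenter ... -t nat` prefix and the command is wrapped again (`nsenter ... -- nsenter ... -- iptables -t nat -t nat`), and a run that switches between the `HOST` and container branches would inherit the wrong base. Keeping the unwrapped binary in its own variable set once before the loop, for example `IPTABLES_BIN=$IPTABLES`, and building from it with `IPTABLES="nsenter -t $(docker inspect --format '{{.State.Pid}}' "$NAME") -n -- $IPTABLES_BIN -t nat"` avoids the accumulation. The added `debug "iptables: "$IPTABLES;` also leaves the expansion outside the quotes; `debug "iptables: $IPTABLES"` logs it as a single argument.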