diff --git a/firewall/firewall-add b/firewall/firewall-add
index 44ef99b..15b7ee1 100755
--- a/firewall/firewall-add
+++ b/firewall/firewall-add
@@ -18,53 +18,37 @@ fi
 ###############################
-COUNT=1
-
 COUNT_SOURCE_IP=$(set |grep SOURCE_IP |wc -l)
 COUNT_TARGET_IP=$(set |grep TARGET_IP |wc -l)
 COUNT_TARGET_PORT=$(set |grep TARGET_PORT |wc -l)
-if [[ $COUNT_SOURCE_IP -ge $COUNT_TARGET_IP ]] ; then
- if [[ $COUNT_SOURCE_IP -ge $COUNT_TARGET_PORT ]] ; then
- COUNT=$COUNT_SOURCE_IP
- else
- if [[ $COUNT_TARGET_IP -ge $COUNT_TARGET_PORT ]] ; then
- COUNT=$COUNT_TARGET_IP
- else
- COUNT=$COUNT_TARGET_PORT
- fi
- fi
-else # not ge
- if [[ $COUNT_TARGET_IP -ge $COUNT_TARGET_PORT ]] ; then
- COUNT=$COUNT_TARGET_IP
- else
- COUNT=$COUNT_TARGET_PORT
- fi
-fi
-for i in $(seq 1 $COUNT) ; do
-
+for source_ip_index in $(seq 1 $COUNT_SOURCE_IP) ; do
 if set |grep SOURCE_IP_ ; then
- SOURCE_IP=$(eval "echo \${"SOURCE_IP_$i"}")
- fi
- if set |grep TARGET_IP_ ; then
- TARGET_IP=$(eval "echo \${"TARGET_IP_$i"}")
- fi
- if set |grep TARGET_PORT_ ; then
- TARGET_PORT=$(eval "echo \${"TARGET_PORT_$i"}")
+ SOURCE_IP=$(eval "echo \${"SOURCE_IP_$source_ip_index"}")
 fi
- # DELETE UNECESSARY LINES FROM PREVIOUS RULES
- LINES=$(/sbin/iptables-legacy --line-number -n --list $CHAIN | grep $SOURCE_IP |grep $TARGET_IP |grep $PROTOCOL |grep $TARGET_PORT | awk '{print $1}'| tac)
+ for target_ip_index in $(seq 1 $COUNT_TARGET_IP) ; do
+ if set |grep TARGET_IP_ ; then
+ TARGET_IP=$(eval "echo \${"TARGET_IP_$target_ip_index"}")
+ fi
- if [ -n "$LINES" ] ; then
- for i in $LINES; do
- /sbin/iptables-legacy -D $CHAIN $i
- sleep 0.1
- done
- fi
+ for target_port_index in $(seq 1 $COUNT_TARGET_PORT) ; do
+ if set |grep TARGET_PORT_ ; then
+ TARGET_PORT=$(eval "echo \${"TARGET_PORT_$target_port_index"}")
+ fi
- # CREATE PORT FORWARD RULES
- /sbin/iptables-legacy -I $CHAIN -s $SOURCE_IP -d $TARGET_IP -p $PROTOCOL --dport $TARGET_PORT -m comment --comment "$COMMENT" -j ACCEPT
+ # DELETE UNECESSARY LINES FROM PREVIOUS RULES
+ LINES=$(/sbin/iptables-legacy --line-number -n --list $CHAIN | grep $SOURCE_IP |grep $TARGET_IP |grep $PROTOCOL |grep $TARGET_PORT | awk '{print $1}'| tac)
+ if [ -n "$LINES" ] ; then
+ for i in $LINES; do
+ /sbin/iptables-legacy -D $CHAIN $i
+ sleep 0.1
+ done
+ fi
+
+ /sbin/iptables-legacy -I $CHAIN -s $SOURCE_IP -d $TARGET_IP -p $PROTOCOL --dport $TARGET_PORT -m comment --comment "$COMMENT" -j ACCEPT
+ done
+ done
 done
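Review bot: An index for which no variable exists (a gap when, say, SOURCE_IP_1 and SOURCE_IP_3 are set but SOURCE_IP_2 is not, or a `set |grep SOURCE_IP` count inflated by any other variable or value containing that substring) leaves `$SOURCE_IP` empty, and because every expansion on the `-I` line is unquoted the `-s` argument simply vanishes, so the inserted ACCEPT rule matches any source address; the same applies to `-d $TARGET_IP`, and the `if set |grep SOURCE_IP_` guard does not catch it because it only tests that some such variable exists. Each of the three `eval "echo \${...}"` lookups should use bash indirection (`name="SOURCE_IP_$source_ip_index"; SOURCE_IP=${!name}`), fail loudly when the result is empty, and the iptables lines should quote every expansion. The stale-rule deletion is also loose: `grep $SOURCE_IP |grep $TARGET_IP |grep $PROTOCOL |grep $TARGET_PORT` is an unanchored regex match where `.` matches any character and port `80` matches `8080`, so rules for other hosts or ports in `$CHAIN` can be deleted; `grep -F -w --` on each field, or deleting by full rule specification (`-D $CHAIN -s ... -d ... -p ... --dport ...` repeated until it fails) would be exact. The `set |grep ..._` guards additionally print their matches to stdout, so `grep -q` is wanted there. `$CHAIN`, `$PROTOCOL` and `$COMMENT` are defined outside the hunk.
```shell
for source_ip_index in $(seq 1 "$COUNT_SOURCE_IP") ; do
  name="SOURCE_IP_$source_ip_index"
  SOURCE_IP=${!name}
  # an unset or empty entry must not fall through: with -s dropped the rule matches any source
  if [[ -z "$SOURCE_IP" ]] ; then
    printf 'firewall-add: %s is unset or empty\n' "$name" >&2
    exit 1
  fi
  # … unchanged: TARGET_IP and TARGET_PORT loops, same ${!name} lookup and empty check …
  # … unchanged: stale-rule deletion …
  /sbin/iptables-legacy -I "$CHAIN" -s "$SOURCE_IP" -d "$TARGET_IP" -p "$PROTOCOL" --dport "$TARGET_PORT" -m comment --comment "$COMMENT" -j ACCEPT
  # … unchanged: loop closings …
```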