diff --git a/firewall/firewall-add b/firewall/firewall-add
index f4bd28b..a97e536 100755
--- a/firewall/firewall-add
+++ b/firewall/firewall-add
@@ -92,7 +92,8 @@ postrouting() {
 debug "$IPTABLES -I POSTROUTING -s $SOURCE_IP -p $PROTOCOL --dport $SOURCE_PORT -m comment --comment "$COMMENT" -j MASQUERADE"
 $IPTABLES -I POSTROUTING -d $SOURCE_IP -p $PROTOCOL --dport $SOURCE_PORT -m comment --comment "$COMMENT" -j MASQUERADE
-
+ fi
+ if [ -n "$TARGET_IP" ] ; then
 LINES=$($IPTABLES -L --line-number -n | grep $COMMENT | grep $TARGET_IP | grep $TARGET_PORT | awk '{print $1}'| tac)
 debug "Previous postrouting lines: "$LINES
@@ -107,6 +108,7 @@ postrouting() {
 fi
 debug "$IPTABLES -I POSTROUTING -s $TARGET_IP -p $PROTOCOL --dport $TARGET_PORT -m comment --comment "$COMMENT" -j MASQUERADE"
 $IPTABLES -I POSTROUTING -d $TARGET_IP -p $PROTOCOL --dport $TARGET_PORT -m comment --comment "$COMMENT" -j MASQUERADE
+ fi
 }
 ip_route() {
@@ -123,6 +125,13 @@ ip_route() {
 done
 }
+if [[ "$ROUTE" == "true" ]] ; then
+ IP_ROUTE="nsenter -t $(docker inspect --format {{.State.Pid}} $NAME) -n -- ip route";
+
+ debug "ip_route: "$IP_ROUTE;
+ ip_route;
+fi
+
 COUNT_SOURCE_IP=$(set |grep SOURCE_IP |wc -l)
 COUNT_SOURCE_PORT=$(set |grep SOURCE_PORT |wc -l)
 COUNT_TARGET_IP=$(set |grep TARGET_IP |wc -l)
@@ -208,9 +217,3 @@ fi
 done # source_ip
-if [[ "$ROUTE" == "true" ]] ; then
- IP_ROUTE="nsenter -t $(docker inspect --format {{.State.Pid}} $NAME) -n -- ip route";
-
- debug "ip_route: "$IP_ROUTE;
- ip_route;
-fi
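Review bot: The new guard `if [ -n "$TARGET_IP" ] ; then` in postrouting() tests only TARGET_IP, but the rule it protects (inserted just before the closing `fi` in the second hunk) also expands `$TARGET_PORT` unquoted after `--dport`, so an empty port would still produce a malformed iptables command; consider `if [ -n "$TARGET_IP" ] && [ -n "$TARGET_PORT" ] ; then`. Inside the guarded block, `grep $TARGET_IP | grep $TARGET_PORT` matches substrings and treats `.` as a wildcard, so the collected rule numbers can include entries for a different address or port. Quoting with `grep -F -- "$TARGET_IP"` narrows this, though only an exact field comparison removes the overlap entirely. The code that consumes LINES (presumably to delete the old rules) lies outside both hunks, so the impact of an over-broad match should be checked there.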
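Review bot: The relocated block builds `IP_ROUTE` from `docker inspect` without checking the result, so a missing container (empty output) or a stopped one (PID reported as 0) leaves a broken `nsenter -t` command string that `ip_route` presumably goes on to execute. Resolve and validate the PID first, e.g. `CONTAINER_PID=$(docker inspect --format '{{.State.Pid}}' "$NAME") || exit 1` followed by `[ "${CONTAINER_PID:-0}" -gt 0 ] || exit 1`, then interpolate `$CONTAINER_PID`. Quoting `"$NAME"` and the format string also prevents word splitting and globbing on the container name. The block now runs ahead of the `COUNT_*` assignments and whatever argument validation follows them, so routes inside the container namespace may be changed before the remaining inputs are checked; confirm that ordering is intended.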