From 68e2867f442b4e35cab0494ca701a3172cb39bd4 Mon Sep 17 00:00:00 2001
From: dogeystamp <dogeystamp@disroot.org>
Date: Tue, 18 Jun 2024 15:27:30 -0400
Subject: [PATCH] wireguard: fix typo in iptables delete rule

---
 roles/wireguard/templates/server.conf.j2 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/wireguard/templates/server.conf.j2 b/roles/wireguard/templates/server.conf.j2
index ec1edca..28be267 100644
--- a/roles/wireguard/templates/server.conf.j2
+++ b/roles/wireguard/templates/server.conf.j2
@@ -5,7 +5,7 @@ ListenPort = {{ wireguard.ip.port }}
 
 {% if "bastion" in group_names %}
 PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o {{ net_interface }} -j MASQUERADE
-PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o {{ net_interface }} -j MASQUERADE
+PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -t nat -D POSTROUTING -o {{ net_interface }} -j MASQUERADE
 {% endif %}
 SaveConfig = false