diff --git a/hosts/containers/freifunk/configuration.nix b/hosts/containers/freifunk/configuration.nix
index c64cc9e0..eb6f2c32 100644
--- a/hosts/containers/freifunk/configuration.nix
+++ b/hosts/containers/freifunk/configuration.nix
@@ -44,8 +44,9 @@ in {
     # Setup routing into Freifunk,
     # masquerading anything that isn't already their IP range
     extraCommands = ''
-      set +e
+      ${pkgs.iproute}/bin/ip rule del priority 300 || true
       ${pkgs.iproute}/bin/ip rule add to 10.200.0.0/16 table bmx priority 300
+      ${pkgs.iptables}/bin/iptables -t nat -F POSTROUTING
       ${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING \
         \! --source 10.200.0.0/15 -o ${meshInterface} -j SNAT --to 10.200.${ddmeshAddrPart}
       set -e