diff --git a/src/config.js b/src/config.js
index 4d71f96c..33ff7832 100644
--- a/src/config.js
+++ b/src/config.js
@@ -27,6 +27,11 @@ iptables -A FORWARD -o wg0 -j ACCEPT;
 `.split('\n').join(' ');
 
 module.exports.WG_PRE_DOWN = process.env.WG_PRE_DOWN || '';
-module.exports.WG_POST_DOWN = process.env.WG_POST_DOWN || '';
+module.exports.WG_POST_DOWN = process.env.WG_POST_DOWN || `
+iptables -t nat -D POSTROUTING -s ${module.exports.WG_DEFAULT_ADDRESS.replace('x', '0')}/24 -o ${module.exports.WG_DEVICE} -j MASQUERADE;
+iptables -D INPUT -p udp -m udp --dport 51820 -j ACCEPT;
+iptables -D FORWARD -i wg0 -j ACCEPT;
+iptables -D FORWARD -o wg0 -j ACCEPT;
+`.split('\n').join(' ');
 module.exports.LANG = process.env.LANG || 'en';
 module.exports.UI_TRAFFIC_STATS = process.env.UI_TRAFFIC_STATS || 'false';
diff --git a/src/lib/WireGuard.js b/src/lib/WireGuard.js
index f72c3a23..8377f6f6 100644
--- a/src/lib/WireGuard.js
+++ b/src/lib/WireGuard.js
@@ -318,4 +318,9 @@ Endpoint = ${WG_HOST}:${WG_PORT}`;
     await this.saveConfig();
   }
 
+  // Shutdown wireguard
+  async Shutdown() {
+    await Util.exec('wg-quick down wg0').catch(() => { });
+  }
+
 };
diff --git a/src/server.js b/src/server.js
index 0bc2c985..1ad06b34 100644
--- a/src/server.js
+++ b/src/server.js
@@ -12,3 +12,18 @@ WireGuard.getConfig()
     // eslint-disable-next-line no-process-exit
     process.exit(1);
   });
+
+// Handle terminate signal
+process.on('SIGTERM', async () => {
+  // eslint-disable-next-line no-console
+  console.log('SIGTERM signal received.');
+  await WireGuard.Shutdown();
+  // eslint-disable-next-line no-process-exit
+  process.exit(0);
+});
+
+// Handle interupt signal
+process.on('SIGINT', () => {
+  // eslint-disable-next-line no-console
+  console.log('SIGINT signal received.');
+});