diff --git a/install.py b/install.py
index 9cd4a08..74351a8 100644
--- a/install.py
+++ b/install.py
@@ -46,29 +46,38 @@ def setup_wireguard():
 """Set up WireGuard with complete system configuration"""
 print_step("🔒", "Setting up WireGuard system configuration...")
- # Load WireGuard kernel module
+ # Ensure WireGuard kernel module is loaded
 print("Loading WireGuard kernel module...")
 run_command("sudo modprobe wireguard", "Failed to load WireGuard kernel module", shell=True)
 # Enable IP forwarding
 print("Enabling IP forwarding...")
- run_command("sudo sh -c 'echo 1 > /proc/sys/net/ipv4/ip_forward'", "Failed to enable IP forwarding", shell=True)
- run_command("sudo sysctl -w net.ipv4.ip_forward=1", "Failed to enable IP forwarding", shell=True)
+ run_command(
+ "sudo sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/' /etc/sysctl.conf",
+ "Failed to update sysctl.conf",
+ shell=True
+ )
+ run_command(
+ "sudo sysctl -p",
+ "Failed to apply sysctl changes",
+ shell=True
+ )
 # Apply iptables rules
 print("Applying iptables rules to allow SSH and route traffic correctly...")
+ # Ensure SSH access is allowed
 ssh_rules = [
 "sudo iptables -I INPUT -p tcp --dport 22 -j ACCEPT",
 "sudo iptables -I OUTPUT -p tcp --sport 22 -j ACCEPT",
- "sudo iptables -I FORWARD -p tcp --dport 22 -j ACCEPT"
+ "sudo iptables -I FORWARD -p tcp --dport 22 -j ACCEPT",
+ "sudo iptables -t nat -I POSTROUTING -p tcp --dport 22 -j RETURN"
 ]
 for rule in ssh_rules:
 run_command(rule, f"Failed to apply iptables rule: {rule}", shell=True)
 # Apply NAT rules for VPN traffic
- print("Applying NAT and forwarding rules...")
 nat_rules = [
 "sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE",
 "sudo iptables -A FORWARD -i wg0 -j ACCEPT",
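Review bot: The new IP-forwarding step only takes effect if /etc/sysctl.conf contains the literal line `#net.ipv4.ip_forward=1`; on a host where that line is absent, already uncommented, or spelled `# net.ipv4.ip_forward = 1`, the sed matches nothing, exits 0, `sysctl -p` leaves forwarding off, and the removed `sysctl -w` no longer covers the gap, so the VPN comes up but silently routes nothing. A drop-in is the robust form: `run_command("echo net.ipv4.ip_forward=1 | sudo tee /etc/sysctl.d/99-wireguard.conf", "Failed to persist ip_forward", shell=True)` followed by `run_command("sudo sysctl -w net.ipv4.ip_forward=1", "Failed to enable IP forwarding", shell=True)`. The added `-t nat -I POSTROUTING -p tcp --dport 22 -j RETURN` rule looks misdirected: the nat table is consulted only on a connection's first packet, so an inbound SSH session to this host is never touched by the `-o eth0 MASQUERADE` rule anyway, whereas this rule does exempt SSH connections forwarded from wg0 toward eth0 from masquerading and sends them out with a private source address — if the intent is to protect the admin's session it can simply be dropped. Note also that every entry in ssh_rules is inserted with `-I` on each run, so re-running the installer accumulates duplicate rules. The body of setup_wireguard continues past this hunk.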
@@ -78,16 +87,32 @@ def setup_wireguard():
 for rule in nat_rules:
 run_command(rule, f"Failed to apply iptables rule: {rule}", shell=True)
- # Allow web interface access
- print_step("🌐", "Allowing web interface on port 1337...")
- run_command("sudo iptables -A INPUT -p tcp --dport 1337 -j ACCEPT", "Failed to open port 1337", shell=True)
-
- # Ensure rules are correct before saving
- print_step("💾", "Saving iptables rules for persistence...")
- run_command("sudo iptables -S", "Failed to verify iptables rules", shell=True)
+ # Install and save iptables rules persistently
+ print("Installing and saving iptables-persistent...")
+ run_command(["apt-get", "install", "-y", "iptables-persistent"], "Failed to install iptables-persistent")
 run_command("sudo netfilter-persistent save", "Failed to save iptables rules", shell=True)
 run_command("sudo netfilter-persistent reload", "Failed to reload iptables rules", shell=True)
+ # Update nameserver
+ print("Updating nameserver...")
+ run_command(
+ "sudo sed -i 's/nameserver .*/nameserver 1.1.1.1/' /etc/resolv.conf",
+ "Failed to update nameserver",
+ shell=True
+ )
+
+ # Install iptables-persistent and save rules
+ print("Making iptables rules persistent...")
+ run_command(
+ ["apt-get", "install", "-y", "iptables-persistent"],
+ "Failed to install iptables-persistent"
+ )
+ run_command(
+ "sudo iptables-save | sudo tee /etc/iptables/rules.v4",
+ "Failed to save iptables rules",
+ shell=True
+ )
+
 def main():
 if os.geteuid() != 0:
 print("❌ This script must be run as root (sudo)")
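Review bot: The new nameserver step rewrites every `nameserver` line in /etc/resolv.conf to 1.1.1.1 unconditionally, which redirects all of the host's DNS to a third party, has nothing to do with bringing wg0 up, and on systemd-resolved or NetworkManager hosts edits a generated file that is overwritten on the next restart — so it is at best unreliable and at worst breaks local name resolution; if the VPN needs a resolver, set it in the WireGuard interface config (`DNS = 1.1.1.1`) or gate this behind an explicit opt-in and explain the choice in a comment. The hunk also installs iptables-persistent and saves the rules twice — first via `netfilter-persistent save`/`reload`, then again via `iptables-save | sudo tee /etc/iptables/rules.v4` after the resolv.conf edit — and the second block can be removed, since the first already writes rules.v4. Unless the environment already sets `DEBIAN_FRONTEND=noninteractive`, `apt-get install -y iptables-persistent` will still stop at the package's debconf "save current rules?" prompt, so the install call should pass that variable in its environment (or preseed the answer with debconf-set-selections) to keep the installer non-interactive. setup_wireguard begins before this hunk.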