diff --git a/server/conf/server-sample.toml b/server/conf/server-sample.toml
index 785e901..cada39b 100644
--- a/server/conf/server-sample.toml
+++ b/server/conf/server-sample.toml
@@ -75,5 +75,7 @@ audit_interval = -1
 
 show_sql = false
 
+#是否自动添加nat
+iptables_nat = false
 
 
diff --git a/server/conf/server.toml b/server/conf/server.toml
index 45e6d10..e7f274b 100644
--- a/server/conf/server.toml
+++ b/server/conf/server.toml
@@ -33,4 +33,5 @@ ipv4_gateway = "192.168.10.1"
 ipv4_start = "192.168.10.100"
 ipv4_end = "192.168.10.200"
 
-
+#是否自动添加nat
+iptables_nat = false
diff --git a/server/handler/link_tun.go b/server/handler/link_tun.go
index 5bd0ebc..5ab2fef 100644
--- a/server/handler/link_tun.go
+++ b/server/handler/link_tun.go
@@ -40,12 +40,14 @@ func checkTun() {
 		}
 		natRule := []string{"-s", base.Cfg.Ipv4CIDR, "-o", base.Cfg.Ipv4Master, "-j", "MASQUERADE"}
 		forwardRule := []string{"-j", "ACCEPT"}
-		if natExists, _ := ipt.Exists("filter", "FORWARD", forwardRule...); !natExists {
+		if natExists, _ := ipt.Exists("nat", "POSTROUTING", natRule...); !natExists {
 			ipt.Insert("nat", "POSTROUTING", 1, natRule...)
 		}
-		if forwardExists, _ := ipt.Exists("filter", "FORWARD", natRule...); !forwardExists {
+		if forwardExists, _ := ipt.Exists("filter", "FORWARD", forwardRule...); !forwardExists {
 			ipt.Insert("filter", "FORWARD", 1, forwardRule...)
 		}
+		base.Info(ipt.List("nat", "POSTROUTING"))
+		base.Info(ipt.List("filter", "FORWARD"))
 	}
 }