diff --git a/openwrt/openwrt-add-wireguard.sh b/openwrt/openwrt-add-wireguard.sh
index d44d9e9..b8b6325 100755
--- a/openwrt/openwrt-add-wireguard.sh
+++ b/openwrt/openwrt-add-wireguard.sh
@@ -10,7 +10,7 @@ if [ $# -lt 4 ]; then
     echo "    ipv6-network: which network to use for us (/48 expected)"
     echo "    private-key: specify wireguard key optionally"
     exit 1
-fi
+qnfi
 
 my_ip=$1; shift
 vpn_endpoint_host=$1; shift
diff --git a/wireguard/gen-tunnels.sh b/wireguard/gen-tunnels.sh
index 0251c07..787869a 100755
--- a/wireguard/gen-tunnels.sh
+++ b/wireguard/gen-tunnels.sh
@@ -21,10 +21,12 @@ case "$v4v6" in
     v6)
         sep=":"
         allowed_ips="::/0"
+        gw_mask="/128"
         ;;
     v4)
         sep="."
         allowed_ips="0.0.0.0/0"
+        gw_mask="/32"
         ;;
 
     *)
@@ -47,7 +49,6 @@ for ip in $(seq $start $end); do
     cat <<EOF > $file
 [Interface]
 PrivateKey = ${privkey}
-ListenPort = 51820
 Address = ${addr}
 
 [Peer]
@@ -60,7 +61,7 @@ EOF
 
 [Peer]
 PublicKey = ${pubkey}
-AllowedIPs = ${addr}
+AllowedIPs = ${addr_nomask}${gw_mask}
 EOF