diff -urN smeserver-wireguard-1.0.old/root/etc/e-smith/events/actions/wireguard-network smeserver-wireguard-1.0/root/etc/e-smith/events/actions/wireguard-network
--- smeserver-wireguard-1.0.old/root/etc/e-smith/events/actions/wireguard-network 2021-10-27 04:15:11.000000000 +0100
+++ smeserver-wireguard-1.0/root/etc/e-smith/events/actions/wireguard-network 2021-11-24 10:54:47.552659023 +0000
@@ -24,6 +24,12 @@
 my $ip = $block->base;
 my $mask = $block->mask;
+#First delete any already there.
+my @wg = $netdb->get_all_by_prop(Wireguard=>"wg0");
+foreach my $netwg (@wg) {
+ $netwg->delete();
+}
+# and then create one from the wireguard server ip
 my $iswg=$netdb->get($ip);
 unless ($iswg) {
 $netdb->new_record("$ip",{ type => "network",
@@ -35,4 +41,3 @@
 exit;
 }
-
diff -urN smeserver-wireguard-1.0.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/wireguard.pm smeserver-wireguard-1.0/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/wireguard.pm
--- smeserver-wireguard-1.0.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/wireguard.pm 2021-11-24 09:43:05.057196197 +0000
+++ smeserver-wireguard-1.0/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/wireguard.pm 2021-11-25 09:18:50.980936582 +0000
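Review bot: The purge loop in the first hunk of wireguard-network discards the result of `$netwg->delete()`, so a stale `Wireguard=>"wg0"` network record that cannot be removed goes unnoticed, and a leftover entry in the networks database presumably keeps that range treated as a local network. If `delete()` reports failure through its return value (worth confirming against esmith::DB), log it, e.g. `$netwg->delete() or warn "wireguard-network: could not remove " . $netwg->key . "\n";`. Note also that when `$netdb->get($ip)` finds an existing record that is not a WireGuard one, the `unless` branch is skipped, so after the purge no record carries the Wireguard property; the rest of that branch lies outside the hunk.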
@@ -441,13 +441,18 @@
 );
 $cdb->get('wg-quick@wg0')->merge_props(%props)
- or $msg = "Error occurred while modifying pseudonym in database.";
-
- # Untaint before use in system()
- ($ip) = ($ip =~ /(\d+\.+\d+\.+\d+\.+\d+\.+\/\d+\.+)/);
- system( "/sbin/e-smith/signal-event", "wireguard-conf-modify", "$ip",)
- == 0 or $msg = "Error occurred while modifying wireguard conf.";
+ or $msg = "Error occurred while modifying server details.";
+ # Test Ip is inside CIDR
+ if (!test_for_private_ip($ip,$mask)) {$msg = "IP must be in private range";}
+ #else {$msg = "Ip is inside range $ip / $mask";}
+
+ unless ($msg eq "OK"){
+ # Untaint before use in system()
+ ($ip) = ($ip =~ /(\d+\.+\d+\.+\d+\.+\d+\.+\/\d+\.+)/);
+ system( "/sbin/e-smith/signal-event", "wireguard-conf-modify", "$ip",)
+ == 0 or $msg = "Error occurred while modifying wireguard conf.";
+ }
 if ($msg eq "OK") {
 $q->delete('ip');
@@ -612,4 +617,15 @@
 return $ip;
 }
+sub test_for_private_ip {
+ use NetAddr::IP;
+ $_ = shift;
+ my $mask = shift;
+ return unless /(\d+\.\d+\.\d+\.\d+)/;
+ my $iprange = NetAddr::IP->new($1,"$mask");
+ return unless $iprange;
+ return ($iprange->first()->is_rfc1918() and $iprange->last()->is_rfc1918());
+}
+
+
 1;
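Review bot: The new guard `unless ($msg eq "OK")` looks inverted: assuming `$msg` starts as "OK" (its initialisation is outside the hunk, but the following `if ($msg eq "OK")` suggests it), `signal-event wireguard-conf-modify` now runs only after a failure and is skipped on success. The private-range check also sits after `merge_props`, so a rejected address has already been written to the `wg-quick@wg0` record by the time the message is set; validate first and merge only when the check passes. Separately, the untaint pattern requires a dot after the fourth octet and after the prefix length and is unanchored, so an ordinary address is unlikely to match and `$ip` becomes undef before it reaches `system()`; an anchored pattern plus a check that the capture is defined would make the untaint meaningful. The enclosing sub begins and ends outside this hunk.

```perl
# … unchanged: %props construction …
# Validate before anything is written to the configuration database.
if ( !test_for_private_ip( $ip, $mask ) ) {
    $msg = "IP must be in private range";
}
else {
    $cdb->get('wg-quick@wg0')->merge_props(%props)
        or $msg = "Error occurred while modifying server details.";
}

# Signal the event only when validation and the database update both succeeded.
if ( $msg eq "OK" ) {
    # … unchanged: untaint of $ip and signal-event call …
}
```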
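Review bot: `test_for_private_ip` assigns to the global `$_` without `local` and matches with an unanchored pattern, so it can clobber the caller's `$_` and accepts any string that merely contains a dotted quad, while the caller goes on using the full `$ip` value rather than the validated capture. Take the arguments into lexicals and anchor the match to the format the form field really carries; if that is a bare address, `my ($addr, $mask) = @_;` followed by `return unless defined $addr && $addr =~ /\A(\d+\.\d+\.\d+\.\d+)\z/;` would do. `use NetAddr::IP;` inside the sub is still processed at compile time for the whole file, so it belongs with the module's other `use` lines. A short comment stating that both the first and the last address of the block must be RFC 1918 would document the intent of the final `return`.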