diff --git a/package/gluon-next-node/Makefile b/package/gluon-next-node/Makefile
index 0edcec649533b759b225d4d2a4b00b4957edee46..ee0e0920ae8c399774055ed2e69d776cab6b91fd 100644
--- a/package/gluon-next-node/Makefile
+++ b/package/gluon-next-node/Makefile
@@ -30,7 +30,6 @@ endef
 
 define Package/gluon-next-node/install
 	$(CP) ./files/* $(1)/
-	$(GLUON_GENERATE) ./generate/* $(1)/
 endef
 
 $(eval $(call BuildPackage,gluon-next-node))
diff --git a/package/gluon-next-node/files/lib/gluon/ebtables/250-next-node b/package/gluon-next-node/files/lib/gluon/ebtables/250-next-node
new file mode 100644
index 0000000000000000000000000000000000000000..6b9588f7cf7ca57d7140a541b2a2c5990d6d9c0d
--- /dev/null
+++ b/package/gluon-next-node/files/lib/gluon/ebtables/250-next-node
@@ -0,0 +1,17 @@
+local site = require 'gluon.site_config'
+local next_node = site.next_node
+
+rule('FORWARD --logical-out br-client -o bat0 -d ' .. next_node.mac .. ' -j DROP')
+rule('OUTPUT --logical-out br-client -o bat0 -d ' .. next_node.mac .. ' -j DROP')
+rule('FORWARD --logical-out br-client -o bat0 -s ' .. next_node.mac .. ' -j DROP')
+rule('OUTPUT --logical-out br-client -o bat0 -s ' .. next_node.mac .. ' -j DROP')
+
+rule('FORWARD --logical-out br-client -o bat0 -p IPv4 --ip-destination ' .. next_node.ip4 .. ' -j DROP')
+rule('OUTPUT --logical-out br-client -o bat0 -p IPv4 --ip-destination ' .. next_node.ip4 .. ' -j DROP')
+rule('FORWARD --logical-out br-client -o bat0 -p IPv4 --ip-source ' .. next_node.ip4 .. ' -j DROP')
+rule('OUTPUT --logical-out br-client -o bat0 -p IPv4 --ip-source ' .. next_node.ip4 .. ' -j DROP')
+
+rule('FORWARD --logical-out br-client -o bat0 -p IPv6 --ip6-destination ' .. next_node.ip6 .. ' -j DROP')
+rule('OUTPUT --logical-out br-client -o bat0 -p IPv6 --ip6-destination ' .. next_node.ip6 .. ' -j DROP')
+rule('FORWARD --logical-out br-client -o bat0 -p IPv6 --ip6-source ' .. next_node.ip6 .. ' -j DROP')
+rule('OUTPUT --logical-out br-client -o bat0 -p IPv6 --ip6-source ' .. next_node.ip6 .. ' -j DROP')
diff --git a/package/gluon-next-node/generate/lib/gluon/ebtables/250-next-node b/package/gluon-next-node/generate/lib/gluon/ebtables/250-next-node
deleted file mode 100644
index 7595df290ed4ec27035b37137f7f8eb4dd0491af..0000000000000000000000000000000000000000
--- a/package/gluon-next-node/generate/lib/gluon/ebtables/250-next-node
+++ /dev/null
@@ -1,14 +0,0 @@
-rule 'FORWARD --logical-out br-client -o bat0 -d @next_node.mac@ -j DROP'
-rule 'OUTPUT --logical-out br-client -o bat0 -d @next_node.mac@ -j DROP'
-rule 'FORWARD --logical-out br-client -o bat0 -s @next_node.mac@ -j DROP'
-rule 'OUTPUT --logical-out br-client -o bat0 -s @next_node.mac@ -j DROP'
-
-rule 'FORWARD --logical-out br-client -o bat0 -p IPv4 --ip-destination @next_node.ip4@ -j DROP'
-rule 'OUTPUT --logical-out br-client -o bat0 -p IPv4 --ip-destination @next_node.ip4@ -j DROP'
-rule 'FORWARD --logical-out br-client -o bat0 -p IPv4 --ip-source @next_node.ip4@ -j DROP'
-rule 'OUTPUT --logical-out br-client -o bat0 -p IPv4 --ip-source @next_node.ip4@ -j DROP'
-
-rule 'FORWARD --logical-out br-client -o bat0 -p IPv6 --ip6-destination @next_node.ip6@ -j DROP'
-rule 'OUTPUT --logical-out br-client -o bat0 -p IPv6 --ip6-destination @next_node.ip6@ -j DROP'
-rule 'FORWARD --logical-out br-client -o bat0 -p IPv6 --ip6-source @next_node.ip6@ -j DROP'
-rule 'OUTPUT --logical-out br-client -o bat0 -p IPv6 --ip6-source @next_node.ip6@ -j DROP'