diff --git a/networker/networker.go b/networker/networker.go
index dc4291a8..37ce3cff 100644
--- a/networker/networker.go
+++ b/networker/networker.go
@@ -45,6 +45,9 @@ var (
 // connection to be canceled
 ErrNothingToCancel = errors.New("nothing to cancel")
 defaultMeshSubnet = netip.MustParsePrefix("100.64.0.0/10")
+ // ErrNoSuchRule is returned when networker tried to remove
+ // a rule, but such rule does not exist
+ ErrNoSuchRule = errors.New("such rule does not exist")
 )
 const (
@@ -1651,7 +1654,7 @@ func (netw *Combined) removeRule(ruleName string) error {
 ruleIndex := slices.Index(netw.rules, ruleName)
 if ruleIndex == -1 {
- return fmt.Errorf("allow rule does not exist for %s", ruleName)
+ return ErrNoSuchRule
 }
 if err := netw.fw.Delete([]string{ruleName}); err != nil {
@@ -1668,15 +1671,26 @@ func (netw *Combined) ForbidFileshare() error {
 if !netw.isFilesharePermitted {
 return nil
 }
- defer func() { netw.isFilesharePermitted = false }()
- return netw.blockFileshareAll()
+
+ err := netw.blockFileshareAll()
+ // NOTE: Mark fileshare as forbidden only when there was no error here, so it
+ // can be tried again.
+ if err == nil {
+ netw.isFilesharePermitted = false
+ }
+
+ return err
 }
 func (netw *Combined) blockFileshareAll() error {
 var allErrors []error
 for _, peer := range netw.cfg.Peers {
 err := netw.blockFileshare(peer.PublicKey, peer.Address)
- allErrors = append(allErrors, err)
+ // NOTE: It's fine to have the rule already removed which returns [ErrNoSuchRule].
+ // It's not fine to have any other errors, so keep those.
+ if !errors.Is(err, ErrNoSuchRule) {
+ allErrors = append(allErrors, err)
+ }
 }
 return errors.Join(allErrors...)
 }
diff --git a/networker/networker_test.go b/networker/networker_test.go
index fd44a0b7..3868654a 100644
--- a/networker/networker_test.go
+++ b/networker/networker_test.go
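Review bot: The new `return ErrNoSuchRule` in removeRule drops the rule name that the old message carried, so an error that reaches a log no longer says which rule was missing. Wrapping keeps both the sentinel and the context: `return fmt.Errorf("%w: %s", ErrNoSuchRule, ruleName)`, and the `errors.Is(err, ErrNoSuchRule)` check in blockFileshareAll still matches a wrapped value. The exact-string assertion in TestCombined_BlocNonExistingRuleFail would have to change with it. removeRule's body continues outside the hunk.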
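Review bot: In blockFileshareAll, dropping every ErrNoSuchRule lets ForbidFileshare succeed and clear isFilesharePermitted on in-memory bookkeeping alone. removeRule, which blockFileshare presumably reaches, returns the sentinel when the name is absent from netw.rules, before netw.fw is touched. If that slice can drift from the firewall's real state, an allow rule could stay in place while the caller is told fileshare is forbidden. The skipped peer should at least be logged and the assumption recorded, e.g. `// ErrNoSuchRule means the rule is not tracked in netw.rules; it does not prove the firewall holds no such rule`. The filter also only works if blockFileshare, not visible here, returns the sentinel unwrapped or wrapped with `%w`.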
@@ -1730,7 +1730,7 @@ func TestCombined_BlocNonExistingRuleFail(t *testing.T) {
 false,
 )
 // Should fail to block rule non existing
- expectedErrorMsg := fmt.Sprintf("allow rule does not exist for %s", test.ruleName)
+ expectedErrorMsg := "such rule does not exist"
 err := netw.BlockIncoming(meshnet.UniqueAddress{UID: test.name, Address: netip.MustParseAddr(test.address)})
 assert.EqualErrorf(t, err, expectedErrorMsg, "Error should be: %v, got: %v", expectedErrorMsg, err)
 })
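Review bot: The assertion in TestCombined_BlocNonExistingRuleFail still compares message text, which pins the sentinel's wording and breaks as soon as the error is wrapped with context. Now that the error is a sentinel, assert identity instead: `assert.ErrorIs(t, err, ErrNoSuchRule)` (qualified with the package name if the test lives in an external test package). The visible hunks also add no test for the new ForbidFileshare behaviour, namely that isFilesharePermitted stays set after a failed attempt and that an already-removed rule is tolerated on retry. The test function starts and ends outside the hunk.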