diff --git a/manifests/init.pp b/manifests/init.pp
index df009658d0ebeea6263126156f427a0543edc6bb..338da6a1f91f0bed194ef00c062e6bb2c9213783 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -30,4 +30,13 @@ class aes {
     shell      => '/bin/bash',
     sshkey     => 'AAAAB3NzaC1yc2EAAAABIwAAAQEAwq552ev0T5YyWDUoEi2hY8hhm6iZHoSnfXNjCpW8eeigSd66FMdaXfWCmwLP/u3Cmino/x5SQQuo1f1RbbHuRQ3iztT/+LIJdqIjCf5rlTKhWx4Goo+weWpNlikHB6A8A1JWbY7yq/sMCiLjO4yYQ606BzwOGY+D0Wsq6lIoadL8USQJU2WKIjHOoAqPdV4HpCk3VxI/KanjyUivXKHq6eVH4yc0m97w9B/5M2UGET5nF2hx5SsoWkd4V3rALGsD3iUwfqxgOaZv62qwldEjFCsBamQfaQGNCJFYdJkmpNTlO46ywV4IC1wFbv7xqPIL33HFK5Q2TepsvdMK3ZRpWQ==', # lint:ignore:140chars
   }
+
+  ::server_firewall::rules_file { '45-permit_squid.rules':
+    content => @(EOF),
+    service squid is { tcp/3128 udp/3128 }
+    policy chain INPUT is
+      accept service:squid from class:liu-nets
+    end policy
+    |-EOF
+  }
 }