diff --git a/manifests/firewall.pp b/manifests/firewall.pp
new file mode 100644
index 0000000000000000000000000000000000000000..267ffb95d62240475c0b361c09a624704995d72a
--- /dev/null
+++ b/manifests/firewall.pp
@@ -0,0 +1,7 @@
+class skadereg::firewall{
+	::server_firewall::constricto_chain{ 'skadereg': }
+	::server_firewall::rules_file { '55-permit-skadereg.rules':
+		content => template("${module_name}/55-permit-skadereg.rules.erb"),
+		require => ::Server_firewall::Constricto_chain['skadereg'],
+	}
+}
\ No newline at end of file
diff --git a/manifests/init.pp b/manifests/init.pp
index a2eff28008030d4c84ed8443cbdc3eb8e2dae312..98db50cc1ca4d1ea9737d952cd652699b374c33f 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -42,6 +42,8 @@
 #
 # Copyright 2016 Andreas Alvarsson
 #
+
+
 class skadereg {
   ::users::liu_user { 'andal699':
     commonname => 'Andreas Alvarsson',
@@ -49,6 +51,7 @@ class skadereg {
     sshkey     => 'AAAAB3NzaC1yc2EAAAADAQABAAACAQDCdb9hWgucRRTpDEH1ozBsWXfC+zTnZEO8rrnuqLlwIy23vEaUK7pJ9tQ7AzdR3+fp6yhWBNOlWC9UT70TnVClS1NfXGXHep0J0yWqNnyXcKviKpVB/p9TOVOULrRX9o3oczYxQa4Bi+eYUfk/en2V6O8tIfYtx5AdWUoofdLYNSpCyrHD1xoH7k1/c+OfW0S3fR5f12n/5u8JTHrztDnpy79CfEtwgMr1pCMjOaiM+OIDYlhNJMvlBo5C6mcDls93snctUR1Zef+sJEznb739uw91f5Yqf5FUBLxXCBi3eveJacBVRVg++ZPzyZ9VHIlBz3OPZ1WEjiM/IRJDBXD4I5MoxnM0Urv2wZBr0+G+1cS916KKraMuEfJHf2Qg4O3L3kZY2zNN5DqRmTx1BflTqe2XdPCCMQJiQi37WjE4fOGfNVsAR2VENhw/TMzc8bcagrrIzeBm3dA5e3R7nTfloPufU6IlIwI9qvCmdI2w0rE3Ve6KHtTzWszjsFtVeOzxVzYkG6GQlT1vr867Ayvx8SWE3GixHiIRByw4BEhFVJWNN/DBT88qd61StuIvWEawZ4WiTGNYfh2SVDIy9Jrcp7Nfg1knK1OtYr+wnjO9OrJtePfo0oo9xwQ3GfwCxni8YJKp40BmfWT/fpY9Pmup71adhaPxPHnELGOeVG/fGw==',
   }
 
+  include skadereg::firewall
   include ::apache
 
   class { '::apache::mod::php':
diff --git a/templates/55-permit-skadereg.rules.erb b/templates/55-permit-skadereg.rules.erb
new file mode 100644
index 0000000000000000000000000000000000000000..81c7cf15cb8cf44cfb2e802aa20901137240f1dd
--- /dev/null
+++ b/templates/55-permit-skadereg.rules.erb
@@ -0,0 +1,8 @@
+require services
+
+policy skadereg chain skadereg is
+	accept service:http
+	accept service:https
+end policy
+
+append rule INPUT -j skadereg
\ No newline at end of file