diff --git a/manifests/firewall.pp b/manifests/firewall.pp
index a7f914cbe36d4f3a88ef8edf3092a7d3a5cfe1da..a46181b59fda07b0f978394725c0d3161c978371 100644
--- a/manifests/firewall.pp
+++ b/manifests/firewall.pp
@@ -1,8 +1,44 @@
 # Class for skadereg firewall
 class aim_control::firewall {
-  ::server_firewall::constricto_chain { 'skadereg': }
-  ::server_firewall::rules_file { '55-permit-skadereg.rules':
-    content => template("${module_name}/55-permit-skadereg.rules.erb"),
-    require => ::Server_firewall::Constricto_chain['skadereg'],
+  firewalld_rich_rule { 'Allow 33060 from liu ipv4':
+    ensure  => present,
+    zone    => 'liu',
+    source  => { 'ipset' => 'liu-nets_v4' },
+    port    => { 'port' => 33060, 'protocol' => 'tcp' },
+    action  => 'accept',
+  }
+  firewalld_rich_rule { 'Allow 33060 from liu ipv6':
+    ensure  => present,
+    zone    => 'liu',
+    source  => { 'ipset' => 'liu-nets_v6' },
+    port    => { 'port' => 33060, 'protocol' => 'tcp' },
+    action  => 'accept',
+  }
+  firewalld_rich_rule { 'Allow ssh from liu 10.243.0.0/16':
+    ensure  => present,
+    zone    => 'liu',
+    source  => '10.243.0.0/16',
+    service => 'ssh',
+    action  => 'accept',
+  }
+  firewalld_service { 'Allow https from liu Zone':
+    ensure  => present,
+    zone    => 'liu',
+    service => 'https',
+  }
+  firewalld_service { 'Allow http from liu Zone':
+    ensure  => present,
+    zone    => 'liu',
+    service => 'http',
+  }
+  firewalld_service { 'Allow https from public Zone':
+    ensure  => present,
+    zone    => 'public',
+    service => 'https',
+  }
+  firewalld_service { 'Allow http from public Zone':
+    ensure  => present,
+    zone    => 'public',
+    service => 'http',
   }
 }
diff --git a/templates/55-permit-skadereg.rules.erb b/templates/55-permit-skadereg.rules.erb
deleted file mode 100644
index d09bad5c7a48fdbeaa18bd1bc7f89f786c2ab4a4..0000000000000000000000000000000000000000
--- a/templates/55-permit-skadereg.rules.erb
+++ /dev/null
@@ -1,16 +0,0 @@
-require services
-
-policy skadereg chain skadereg is
-	accept service:http
-	accept service:https
-end policy
-
-append rule INPUT -j skadereg
-append rule INPUT -s class:liu-nets -p tcp --dport 33060:33060 -j ACCEPT
-
-
-# <%# Put installed file in view mode when opened with Emacs: -%>
-# <%= "Nota bene: Puppet managed file, all local changes will be reverted." %>
-# <%= "Local" %> <%= "variables:" %>
-# mode: view
-# <%= "End:" %>