diff --git a/manifests/firewall/iptables.pp b/manifests/firewall/iptables.pp
index 400b418..665441d 100644
--- a/manifests/firewall/iptables.pp
+++ b/manifests/firewall/iptables.pp
@@ -14,6 +14,7 @@ class confdroid_ssh::firewall::iptables (
       dport  => $ssh_fw_port,
       jump   => 'accept',
     }
+  }
   else {
     firewall { "${ssh_fw_order}${ssh_fw_port} remove SSH on port ${ssh_fw_port}":
       ensure => 'absent',
@@ -21,7 +22,7 @@ class confdroid_ssh::firewall::iptables (
       source => $ssh_source_range,
       dport  => $ssh_fw_port,
       jump   => 'accept',
-      }
     }
   }
 }
+