diff --git a/doc/_index.html b/doc/_index.html
index f5b0f9a..b9c274a 100644
--- a/doc/_index.html
+++ b/doc/_index.html
@@ -73,11 +73,6 @@
       
             </li>
     
-            <li>
-      <span class='object_link'><a href="puppet_classes/confdroid_ssh_3A_3Afirewall_3A_3Aiptables.html" title="puppet_classes::confdroid_ssh::firewall::iptables (puppet_class)">confdroid_ssh::firewall::iptables</a></span>
-      
-            </li>
-    
             <li>
       <span class='object_link'><a href="puppet_classes/confdroid_ssh_3A_3Amain_3A_3Aconfig.html" title="puppet_classes::confdroid_ssh::main::config (puppet_class)">confdroid_ssh::main::config</a></span>
       
diff --git a/doc/puppet_class_list.html b/doc/puppet_class_list.html
index 5557e96..87e5d2f 100644
--- a/doc/puppet_class_list.html
+++ b/doc/puppet_class_list.html
@@ -43,56 +43,49 @@
     </li>
     
 
-    <li id="object_puppet_classes::confdroid_ssh::firewall::iptables" class="even">
-      <div class="item">
-        <span class='object_link'><a href="puppet_classes/confdroid_ssh_3A_3Afirewall_3A_3Aiptables.html" title="puppet_classes::confdroid_ssh::firewall::iptables (puppet_class)">confdroid_ssh::firewall::iptables</a></span>
-      </div>
-    </li>
-    
-
-    <li id="object_puppet_classes::confdroid_ssh::main::config" class="odd">
+    <li id="object_puppet_classes::confdroid_ssh::main::config" class="even">
       <div class="item">
         <span class='object_link'><a href="puppet_classes/confdroid_ssh_3A_3Amain_3A_3Aconfig.html" title="puppet_classes::confdroid_ssh::main::config (puppet_class)">confdroid_ssh::main::config</a></span>
       </div>
     </li>
     
 
-    <li id="object_puppet_classes::confdroid_ssh::main::dirs" class="even">
+    <li id="object_puppet_classes::confdroid_ssh::main::dirs" class="odd">
       <div class="item">
         <span class='object_link'><a href="puppet_classes/confdroid_ssh_3A_3Amain_3A_3Adirs.html" title="puppet_classes::confdroid_ssh::main::dirs (puppet_class)">confdroid_ssh::main::dirs</a></span>
       </div>
     </li>
     
 
-    <li id="object_puppet_classes::confdroid_ssh::main::files" class="odd">
+    <li id="object_puppet_classes::confdroid_ssh::main::files" class="even">
       <div class="item">
         <span class='object_link'><a href="puppet_classes/confdroid_ssh_3A_3Amain_3A_3Afiles.html" title="puppet_classes::confdroid_ssh::main::files (puppet_class)">confdroid_ssh::main::files</a></span>
       </div>
     </li>
     
 
-    <li id="object_puppet_classes::confdroid_ssh::main::install" class="even">
+    <li id="object_puppet_classes::confdroid_ssh::main::install" class="odd">
       <div class="item">
         <span class='object_link'><a href="puppet_classes/confdroid_ssh_3A_3Amain_3A_3Ainstall.html" title="puppet_classes::confdroid_ssh::main::install (puppet_class)">confdroid_ssh::main::install</a></span>
       </div>
     </li>
     
 
-    <li id="object_puppet_classes::confdroid_ssh::main::service" class="odd">
+    <li id="object_puppet_classes::confdroid_ssh::main::service" class="even">
       <div class="item">
         <span class='object_link'><a href="puppet_classes/confdroid_ssh_3A_3Amain_3A_3Aservice.html" title="puppet_classes::confdroid_ssh::main::service (puppet_class)">confdroid_ssh::main::service</a></span>
       </div>
     </li>
     
 
-    <li id="object_puppet_classes::confdroid_ssh::params" class="even">
+    <li id="object_puppet_classes::confdroid_ssh::params" class="odd">
       <div class="item">
         <span class='object_link'><a href="puppet_classes/confdroid_ssh_3A_3Aparams.html" title="puppet_classes::confdroid_ssh::params (puppet_class)">confdroid_ssh::params</a></span>
       </div>
     </li>
     
 
-    <li id="object_puppet_classes::confdroid_ssh::selinux::semanage" class="odd">
+    <li id="object_puppet_classes::confdroid_ssh::selinux::semanage" class="even">
       <div class="item">
         <span class='object_link'><a href="puppet_classes/confdroid_ssh_3A_3Aselinux_3A_3Asemanage.html" title="puppet_classes::confdroid_ssh::selinux::semanage (puppet_class)">confdroid_ssh::selinux::semanage</a></span>
       </div>
diff --git a/doc/puppet_classes/confdroid_ssh_3A_3Aparams.html b/doc/puppet_classes/confdroid_ssh_3A_3Aparams.html
index d7b6f9c..501f091 100644
--- a/doc/puppet_classes/confdroid_ssh_3A_3Aparams.html
+++ b/doc/puppet_classes/confdroid_ssh_3A_3Aparams.html
@@ -79,8 +79,6 @@
       
       <span class='object_link'><a href="confdroid_ssh_3A_3Aselinux_3A_3Asemanage.html" title="puppet_classes::confdroid_ssh::selinux::semanage (puppet_class)">confdroid_ssh::selinux::semanage</a></span><br/>
       
-      <span class='object_link'><a href="confdroid_ssh_3A_3Afirewall_3A_3Aiptables.html" title="puppet_classes::confdroid_ssh::firewall::iptables (puppet_class)">confdroid_ssh::firewall::iptables</a></span><br/>
-      
     </dd>
   </dl>
   
diff --git a/manifests/firewall/iptables.pp b/manifests/firewall/iptables.pp
index a43728e..400b418 100644
--- a/manifests/firewall/iptables.pp
+++ b/manifests/firewall/iptables.pp
@@ -6,7 +6,7 @@
 class confdroid_ssh::firewall::iptables (
 
 ) inherits confdroid_ssh::params {
-  if $ssh_use_firewall {
+  if $ssh_use_firewall == true {
     firewall { "${ssh_fw_order}${ssh_fw_port} allow SSH on port ${ssh_fw_port}":
       ensure => 'present',
       proto  => 'tcp',
@@ -14,5 +14,14 @@ class confdroid_ssh::firewall::iptables (
       dport  => $ssh_fw_port,
       jump   => 'accept',
     }
+  else {
+    firewall { "${ssh_fw_order}${ssh_fw_port} remove SSH on port ${ssh_fw_port}":
+      ensure => 'absent',
+      proto  => 'tcp',
+      source => $ssh_source_range,
+      dport  => $ssh_fw_port,
+      jump   => 'accept',
+      }
+    }
   }
 }