diff --git a/resources/attributes/default.rb b/resources/attributes/default.rb
index a13059c..d0912b2 100644
--- a/resources/attributes/default.rb
+++ b/resources/attributes/default.rb
@@ -58,6 +58,7 @@
 default['redborder']['services']['chef-client'] = true
 default['redborder']['services']['chrony'] = true
 default['redborder']['services']['redborder-exporter'] = true
+default['redborder']['services']['firewall'] = true
 default['redborder']['services']['redborder-monitor'] = true
 default['redborder']['services']['rsyslog'] = true
 default['redborder']['services']['snmp'] = true
@@ -66,6 +67,7 @@
 default['redborder']['systemdservices']['barnyard2'] = ['barnyard2']
 default['redborder']['systemdservices']['chef-client'] = ['chef-client']
 default['redborder']['systemdservices']['chrony'] = ['chronyd']
+default['redborder']['systemdservices']['firewall'] = ['firewalld']
 default['redborder']['systemdservices']['redborder-exporter'] = ['rb-exporter']
 default['redborder']['systemdservices']['redborder-monitor'] = ['redborder-monitor']
 default['redborder']['systemdservices']['rsyslog'] = ['rsyslog']
diff --git a/resources/metadata.rb b/resources/metadata.rb
index 4e30bc8..381c8d9 100644
--- a/resources/metadata.rb
+++ b/resources/metadata.rb
@@ -20,3 +20,4 @@
 depends 'rb-clamav'
 depends 'rb-chrony'
 depends 'rb-exporter'
+depends 'rb-firewall'
diff --git a/resources/recipes/configure.rb b/resources/recipes/configure.rb
index d28cb80..f7e559f 100644
--- a/resources/recipes/configure.rb
+++ b/resources/recipes/configure.rb
@@ -44,6 +44,14 @@
   end
 end
 
+rb_firewall_config 'Configure Firewall' do
+  if ips_services['firewall']
+    action :add
+  else
+    action :remove
+  end
+end
+
 node.normal['redborder']['chef_client_interval'] = 300
 
 directory '/etc/snortpcaps' do