diff --git a/firewall/manifests/init.pp b/firewall/manifests/init.pp
index 0f0ed9d..489e753 100644
--- a/firewall/manifests/init.pp
+++ b/firewall/manifests/init.pp
@@ -111,6 +111,13 @@ class firewall::common::iptables {
     }
     $ip6states = versioncmp($::kernelversion, "2.6.20")
 
+    if $::operatingsystem == "Fedora" and $::operatingsystemrelease > 17 {
+        package { "firewalld":
+            ensure => absent,
+            before => Package["iptables"],
+        }
+    }
+
     package { "iptables":
         ensure => installed,
         name   => $::operatingsystem ? {
@@ -119,7 +126,8 @@ class firewall::common::iptables {
             "debian" => [ "iptables", "iptables-persistent" ],
             "fedora" => $::operatingsystemrelease ? {
                 /^1[0-5]/ => [ "iptables", "iptables-ipv6" ],
-                default   => "iptables",
+                /^1[6-7]/ => "iptables",
+                default   => [ "iptables", "iptables-services" ],
             },
             "ubuntu" => [ "iptables", "iptables-persistent" ],
         },