diff --git a/manifests/firewall.pp b/manifests/firewall.pp
index e3ffebb..1387c0c 100644
--- a/manifests/firewall.pp
+++ b/manifests/firewall.pp
@@ -3,14 +3,25 @@
 # Defines firewall rules for the HTCondor server (CE)
 #
 class htcondor::firewall (
- $worker_nodes_network = '127.0.0.1/32') {
+ $worker_nodes_network = '127.0.0.1') {
 firewall { '200 Allow worker nodes to contact server':
 action => 'accept',
 source => $worker_nodes_network,
- proto => 'all',
+ proto => 'tcp',
 state => [
 'ESTABLISHED',
 'NEW'],
- dport => '9000-1000',
+ dport => '9000-10000',
 }
+
+ firewall { '201 Allow worker nodes to contact server':
+ action => 'accept',
+ source => $worker_nodes_network,
+ proto => 'tcp',
+ state => [
+ 'ESTABLISHED',
+ 'NEW'],
+ dport => '9000-10000',
+ }
+
 }
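Review bot: The added resource `'201 Allow worker nodes to contact server'` repeats rule 200 field for field (same `source`, `proto => 'tcp'`, `state` and `dport => '9000-10000'`), so it grants nothing new and leaves two identical accept entries to audit. Because this commit also narrows rule 200 from `proto => 'all'` to `'tcp'`, the second rule may have been meant to restore UDP. If so, it should read `proto => 'udp'` with a title that says so, e.g. `'201 Allow worker nodes to contact server (udp)'`; otherwise it should be dropped. A short comment above the rules naming the HTCondor setting that the 9000-10000 range corresponds to would let a reviewer confirm the range is no wider than needed.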