diff --git a/manifests/iptables/pre.pp b/manifests/iptables/pre.pp
index 8877fd0a4ed4d90f2b6cfee483e05ad674e38d51..528b3ed2fc70bf4e613b57621487c440b456adf6 100644
--- a/manifests/iptables/pre.pp
+++ b/manifests/iptables/pre.pp
@@ -49,19 +49,19 @@ class lysnetwork::iptables::pre {
   firewall { '000 accept all icmp IPv6':
     proto    => 'ipv6-icmp',
     action   => 'accept',
-    provider => 'ip6tables',
+    protocol => 'ip6tables',
   }
   -> firewall { '001 accept all from Lysator IPv6':
     proto    => 'all',
     source   => '2001:6b0:17:f0a0::0/64',
     action   => 'accept',
-    provider => 'ip6tables',
+    protocol => 'ip6tables',
   }
   -> firewall { '002 accept related established rules IPv6':
     proto    => 'all',
     state    => ['RELATED', 'ESTABLISHED'],
     action   => 'accept',
-    provider => 'ip6tables',
+    protocol => 'ip6tables',
   }
 }
 
diff --git a/manifests/iptables_default_deny.pp b/manifests/iptables_default_deny.pp
index 9499c9be839e3be9401adb2b0e24d4b8ee617a0f..c4c9ea1470208b1649e26fa093c0de094c5ec8b3 100644
--- a/manifests/iptables_default_deny.pp
+++ b/manifests/iptables_default_deny.pp
@@ -42,19 +42,19 @@ class lysnetwork::iptables_default_deny {
   firewall { '000 accept all icmp ipv6':
     proto    => 'ipv6-icmp',
     action   => accept,
-    provider => 'ip6tables',
+    protocol => 'ip6tables',
   }
   -> firewall { '001 accept all on lo ipv6':
     proto    => all,
     iniface  => 'lo',
     action   => accept,
-    provider => 'ip6tables',
+    protocol => 'ip6tables',
   }
   -> firewall { '002 accept related and established ipv6':
     proto    => all,
     state    => ['RELATED', 'ESTABLISHED',],
     action   => accept,
-    provider => 'ip6tables',
+    protocol => 'ip6tables',
   }
 
   # Allow ssh
@@ -68,6 +68,6 @@ class lysnetwork::iptables_default_deny {
     proto    => tcp,
     dport    => '22',
     action   => accept,
-    provider => 'ip6tables',
+    protocol => 'ip6tables',
   }
 }
diff --git a/manifests/iptables_only_lysator.pp b/manifests/iptables_only_lysator.pp
index a45e9e6d3f6dc09db2ce39ab3cc77d84d27ddf9c..fb574a2a3b983a71be2e4145922600e86d8db343 100644
--- a/manifests/iptables_only_lysator.pp
+++ b/manifests/iptables_only_lysator.pp
@@ -36,7 +36,7 @@ class lysnetwork::iptables_only_lysator {
     proto    => all,
     source   => '130.236.254.0/24',
     action   => accept,
-    provider => 'iptables'
+    protocol => 'iptables'
   }
 
   # IPv6
@@ -45,21 +45,21 @@ class lysnetwork::iptables_only_lysator {
     proto    => all,
     iniface  => 'lo',
     action   => accept,
-    provider => 'ip6tables',
+    protocol => 'ip6tables',
   }
 
   firewall { '002 accept related and established ipv6':
     proto    => all,
     state    => ['RELATED', 'ESTABLISHED',],
     action   => accept,
-    provider => 'ip6tables',
+    protocol => 'ip6tables',
   }
 
   firewall { '003 allow lysators ipv6 network':
     proto    => all,
     source   => '2001:6b0:17:f0a0::/64',
     action   => accept,
-    provider => 'ip6tables'
+    protocol => 'ip6tables'
   }
 }