diff --git a/package/gluon-core/Makefile b/package/gluon-core/Makefile
index 27babd75..17cde4d4 100644
--- a/package/gluon-core/Makefile
+++ b/package/gluon-core/Makefile
@@ -12,7 +12,7 @@ define Package/gluon-core
   SECTION:=gluon
   CATEGORY:=Gluon
   TITLE:=Base files of Gluon
-  DEPENDS:=+gluon-config +lua-platform-info +luci-lib-core +odhcp6c
+  DEPENDS:=+gluon-config +lua-platform-info +luci-lib-core +odhcp6c +firewall
 endef
 
 define Package/gluon-core/description
diff --git a/package/gluon-firewall/files/lib/gluon/upgrade/firewall/invariant/011-firewall-rules b/package/gluon-core/files/lib/gluon/upgrade/core/invariant/014-firewall-rules
similarity index 79%
rename from package/gluon-firewall/files/lib/gluon/upgrade/firewall/invariant/011-firewall-rules
rename to package/gluon-core/files/lib/gluon/upgrade/core/invariant/014-firewall-rules
index 1a422ca3..792e06a2 100755
--- a/package/gluon-firewall/files/lib/gluon/upgrade/firewall/invariant/011-firewall-rules
+++ b/package/gluon-core/files/lib/gluon/upgrade/core/invariant/014-firewall-rules
@@ -26,16 +26,5 @@ c:section('firewall', 'rule', 'wan_ssh',
 	  }
 )
 
-
-c:section('firewall', 'rule', 'client_dns',
-	  {
-		  name = 'client_dns',
-		  src = 'client',
-		  dest_port = '53',
-		  target = 'REJECT',
-	  }
-)
-
-
 c:save('firewall')
 c:commit('firewall')
diff --git a/package/gluon-firewall/Makefile b/package/gluon-firewall/Makefile
deleted file mode 100644
index ceb4820c..00000000
--- a/package/gluon-firewall/Makefile
+++ /dev/null
@@ -1,37 +0,0 @@
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=gluon-firewall
-PKG_VERSION:=1
-
-PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)
-
-include $(INCLUDE_DIR)/package.mk
-
-define Package/gluon-firewall
-  SECTION:=gluon
-  CATEGORY:=Gluon
-  TITLE:=Restrictive firewall rules
-  DEPENDS:=+gluon-core +firewall
-endef
-
-define Package/gluon-firewall/description
-	Gluon community wifi mesh firmware framework:
-	Firewall rules which try to ensure a node can't be abused
-	(e.g. for DNS amplification attacks)
-endef
-
-define Build/Prepare
-	mkdir -p $(PKG_BUILD_DIR)
-endef
-
-define Build/Configure
-endef
-
-define Build/Compile
-endef
-
-define Package/gluon-firewall/install
-	$(CP) ./files/* $(1)/
-endef
-
-$(eval $(call BuildPackage,gluon-firewall))
diff --git a/package/gluon-mesh-batman-adv/files/lib/gluon/upgrade/mesh-batman-adv/invariant/011-mesh b/package/gluon-mesh-batman-adv/files/lib/gluon/upgrade/mesh-batman-adv/invariant/011-mesh
index 565505d2..ab80bd3d 100755
--- a/package/gluon-mesh-batman-adv/files/lib/gluon/upgrade/mesh-batman-adv/invariant/011-mesh
+++ b/package/gluon-mesh-batman-adv/files/lib/gluon/upgrade/mesh-batman-adv/invariant/011-mesh
@@ -31,6 +31,7 @@ uci:section('network', 'interface', 'bat0',
 uci:save('network')
 uci:commit('network')
 
+
 uci:delete('firewall', 'client')
 uci:section('firewall', 'zone', 'client',
 	    {
@@ -41,9 +42,20 @@ uci:section('firewall', 'zone', 'client',
 		    forward = 'REJECT',
 	    }
 )
+
+c:section('firewall', 'rule', 'client_dns',
+	  {
+		  name = 'client_dns',
+		  src = 'client',
+		  dest_port = '53',
+		  target = 'REJECT',
+	  }
+)
+
 uci:save('firewall')
 uci:commit('firewall')
 
+
 local dnsmasq = uci:get_first('dhcp', 'dnsmasq')
 uci:set('dhcp', dnsmasq, 'boguspriv', 0)
 uci:set('dhcp', dnsmasq, 'localise_queries', 0)