diff --git a/openssh/init.sls b/openssh/init.sls
index aeb7369..6d447fe 100644
--- a/openssh/init.sls
+++ b/openssh/init.sls
@@ -8,13 +8,3 @@ openssh:
 - name: {{ openssh.service }}
 - require:
 - pkg: {{ openssh.server }}
- iptables.insert:
- - table: filter
- - chain: INPUT
- - position: 1
- - match: state
- - connstate: NEW,ESTABLISHED
- - dport: 22
- - proto: tcp
- - jump: ACCEPT
- - save: True
diff --git a/openssh/iptables-input.sls b/openssh/iptables-input.sls
new file mode 100644
index 0000000..d8414f2
--- /dev/null
+++ b/openssh/iptables-input.sls
@@ -0,0 +1,12 @@
+sshd.iptables.input:
+ iptables.insert:
+ - table: filter
+ - chain: INPUT
+ - position: 1
+ - match: state
+ - connstate: NEW,ESTABLISHED
+ - dport: 22
+ - proto: tcp
+ - jump: ACCEPT
+ - save: True
+
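Review bot: The rule in the new `openssh/iptables-input.sls` accepts tcp/22 from any source address and is inserted at `position: 1`, so it is evaluated before any existing INPUT rule that restricts or drops SSH traffic, and `save: True` makes that persistent. Consider adding a `- source:` line fed from pillar, for example `- source: {{ salt['pillar.get']('openssh:allow_from', '0.0.0.0/0') }}` (the pillar key here is a constructed placeholder), so that deployments can limit SSH to a management network. `- dport: 22` is also hard-coded, while `init.sls` takes its names from the `openssh` map; if sshd is configured on another port, this rule would open 22 without matching the real listener, so the port would better come from the same source as the sshd configuration. Because the state is now opt-in, a header comment such as `# Optional: opens the SSH port in the filter/INPUT chain; include openssh.iptables-input explicitly` would tell existing users that `openssh` alone no longer manages the firewall.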