diff --git a/firewall b/firewall
index 0089072..b0cf2d0 100755
--- a/firewall
+++ b/firewall
@@ -196,18 +196,20 @@ fw_start() {
 # $IPT -A OUTPUT -j ACCEPT -p udp -o ${ILAN} --dport 53 -m state --state NEW -m comment --comment "DNS out udp"
 # $IPT -A OUTPUT -j ACCEPT -p tcp -o ${ILAN} --dport 53 -m state --state NEW -m comment --comment "DNS out tcp"
-if [ $(command -v dhclient) ]; then
- #### DHCP
- $IPT -A OUTPUT -j ACCEPT -p udp -o ${ILAN} -s "${IPLAN}" --sport 68 -m comment --comment "DHCPREQUEST"
-fi
+ if [ $(command -v dhclient) ]; then
+ #### DHCP
+ $IPT -A OUTPUT -j ACCEPT -p udp -o ${ILAN} -s "${IPLAN}" --sport 68 -m comment --comment "DHCPREQUEST"
+ fi
 #### HTTP (maj, ...)
 $IPT -A OUTPUT -j ACCEPT -p tcp -o ${ILAN} --dport 80 -m state --state NEW -m comment --comment "HTTP out"
 $IPT -A OUTPUT -j ACCEPT -p tcp -o ${ILAN} --dport 443 -m state --state NEW -m comment --comment "HTTPS out"
-# #### NTP
-# $IPT -A OUTPUT -j ACCEPT -p udp -o ${ILAN} --dport 123 -m state --state NEW -m comment --comment "NTP"
-#
+ if [ $(command -v ntpd) ]; then
+ #### NTP
+ $IPT -A OUTPUT -j ACCEPT -p udp -o ${ILAN} --dport 123 -m state --state NEW -m comment --comment "NTP out"
+ fi
+
 # #### Puppet (connection, ... )
 # $IPT -A OUTPUT -j ACCEPT -p tcp -o "${ILAN}" --dport 8140 -m state --state NEW -m comment --comment "Puppet out"
 #### OpenPGP HTTP key server (add key, maj, ...)
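Review bot: The newly enabled NTP rule accepts outbound UDP/123 to any destination, which leaves an open UDP egress path in a ruleset that otherwise allows traffic port by port. If the time servers are known, pinning them with `-d "${NTP_SERVERS}"` (a placeholder name, no such variable is visible in this hunk) would keep the rule to what ntpd needs. The gate `[ $(command -v ntpd) ]` uses an unquoted substitution and only detects ntpd, so a host syncing with a different client would presumably get no NTP rule and drift silently, which affects certificate validation and log timestamps. `if command -v ntpd >/dev/null 2>&1; then` tests the exit status directly, and the same form applies to the dhclient check. The body of fw_start starts and ends outside this hunk.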