diff --git a/tripleo_ansible/roles/tripleo_firewall/defaults/main.yml b/tripleo_ansible/roles/tripleo_firewall/defaults/main.yml
index 79fea9f09..419ceb74e 100644
--- a/tripleo_ansible/roles/tripleo_firewall/defaults/main.yml
+++ b/tripleo_ansible/roles/tripleo_firewall/defaults/main.yml
@@ -71,7 +71,7 @@ tripleo_firewall_default_rules:
 state:
 - NEW
 destination: 'fe80::/64'
- '998 log all':
+ '999 log all':
 proto: all
 jump: LOG
 limit: 20/min
@@ -80,6 +80,3 @@ tripleo_firewall_default_rules:
 nft_flags: 'all'
 nft_prefix: 'DROPPING: '
 state: []
- '999 drop all':
- proto: all
- action: drop
diff --git a/tripleo_ansible/roles/tripleo_firewall/molecule/nftables/converge.yml b/tripleo_ansible/roles/tripleo_firewall/molecule/nftables/converge.yml
index 9e3e93442..8de701457 100644
--- a/tripleo_ansible/roles/tripleo_firewall/molecule/nftables/converge.yml
+++ b/tripleo_ansible/roles/tripleo_firewall/molecule/nftables/converge.yml
@@ -20,3 +20,8 @@
 roles:
 - role: "tripleo_firewall"
 tripleo_firewall_engine: 'nftables'
+ tasks:
+ - name: Clean everything nftables related
+ import_role:
+ name: tripleo_nftables
+ tasks_from: cleanup.yaml
diff --git a/tripleo_ansible/roles/tripleo_nftables/defaults/main.yml b/tripleo_ansible/roles/tripleo_nftables/defaults/main.yml
index 8bf7ffb6e..95b909914 100644
--- a/tripleo_ansible/roles/tripleo_nftables/defaults/main.yml
+++ b/tripleo_ansible/roles/tripleo_nftables/defaults/main.yml
@@ -58,8 +58,4 @@ tripleo_nftables_rules:
 flags: 'all'
 prefix: 'DROPPING: '
 state: []
- rule_name: 998 log all
- - rule:
- action: drop
- proto: all
- rule_name: 999 drop all
+ rule_name: 999 log all
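Review bot: After this change the last default rule, `'999 log all'` in tripleo_firewall/defaults/main.yml (and `rule_name: 999 log all` in tripleo_nftables/defaults/main.yml), only logs with the prefix 'DROPPING: ', and no rule in either defaults file drops the packet any more. Presumably the drop now comes from a chain default policy set elsewhere, but that is not visible in these hunks and should be confirmed for every value of `tripleo_firewall_engine`; otherwise the ruleset fails open while the log still claims traffic is dropped. I would add a comment above the log rule in both files, for example `# Last rule: log only; unmatched traffic is dropped by the chain's default policy, not by a rule here`. Both rule collections start outside the hunks shown.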
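Review bot: The added `tasks:` section in molecule/nftables/converge.yml runs after `roles:` in the same play, so every converge ends with the nftables state cleaned rather than with the ruleset the role applied. If this scenario has a verify or idempotence step (not visible here), it would run against the cleaned host and could no longer check that the default rules, including the final drop behaviour, are in place. If the intent is only to exercise `cleanup.yaml`, a comment above the task such as `# Exercise tripleo_nftables cleanup after the role has applied its ruleset` would make that explicit. Any rule assertions would need to run before it.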