diff --git a/CONFIG.sh b/CONFIG.sh
index dda2617..9d70519 100644
--- a/CONFIG.sh
+++ b/CONFIG.sh
@@ -1,11 +1,14 @@
-# firewall configuration
-sudo yum install -y iptables-services
-sudo systemctl stop firewalld
-sudo systemctl disable firewalld
-sudo systemctl mask firewalld
-sudo systemctl enable iptables
-sudo iptables -F
+alias s="sudo systemctl"
 
 function instalar() {
     yum list installed "$1" &>/dev/null && echo "$1 já instalado" || sudo yum install -y "$1"
 }
+
+function ativar_firewall() {
+    instalar iptables-services
+    s stop firewalld
+    s disable firewalld
+    s mask firewalld
+    s enable iptables
+    sudo iptables -F
+}
diff --git a/FIREWALL.sh b/FIREWALL.sh
index a71a782..8d9e439 100644
--- a/FIREWALL.sh
+++ b/FIREWALL.sh
@@ -13,10 +13,10 @@ instalar epel_release
 instalar httpd
 instalar mod_security
 instalar mod_security_crs
+ativar_firewall
 
 # nat
 sudo sysctl -w net.ipv4.ip_forward=1
-
 sudo iptables -t nat -F
 sudo iptables -A FORWARD -i enp0s9 -o enp0s8 -j ACCEPT
 sudo iptables -A FORWARD -i enp0s8 -o enp0s9 -m state --state ESTABLISHED,RELATED -j ACCEPT
diff --git a/WEB_SERVER.sh b/WEB_SERVER.sh
index e3008a5..0a6f656 100644
--- a/WEB_SERVER.sh
+++ b/WEB_SERVER.sh
@@ -21,5 +21,8 @@ if [[ ! -d "$jspath" ]]; then
     npm i
 fi
 
+# fazer so depois de instalar tudo
+ativar_firewall
+
 # correr juice shop via npm
 npm start