diff --git a/ubuntu/roles/firewall-ruleset-deploy/files/deirdre.asininetech.net.rules.v4 b/ubuntu/roles/firewall-ruleset-deploy/files/deirdre.asininetech.net.rules.v4
index 822ba2f..9192b9f 100644
--- a/ubuntu/roles/firewall-ruleset-deploy/files/deirdre.asininetech.net.rules.v4
+++ b/ubuntu/roles/firewall-ruleset-deploy/files/deirdre.asininetech.net.rules.v4
@@ -4,7 +4,7 @@
 :INPUT DROP
 :FORWARD DROP
 :OUTPUT DROP
-#-A INPUT -m set --match-set nasties src -j DROP
+-A INPUT -m set --match-set nasties src -j DROP
 -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
 -A INPUT -i lo -j ACCEPT
 -A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
diff --git a/ubuntu/roles/ipset-deploy/tasks/main.yml b/ubuntu/roles/ipset-deploy/tasks/main.yml
index c8ef039..8812a48 100644
--- a/ubuntu/roles/ipset-deploy/tasks/main.yml
+++ b/ubuntu/roles/ipset-deploy/tasks/main.yml
@@ -1,9 +1,9 @@
 ---
 # This role deploys ipset rulesets to Ubuntu hosts
-- name: Flush any existing ipsets
+- name: Destroy any existing ipsets
 shell:
- cmd: /sbin/ipset flush
+ cmd: /sbin/ipset destroy
 - name: Copy ipset.service
 copy:
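Review bot: In deirdre.asininetech.net.rules.v4 the re-enabled `-A INPUT -m set --match-set nasties src -j DROP` line makes loading this file depend on the `nasties` set already existing: iptables-restore refuses a rule that names a set the kernel does not have, and the filter table is then not committed. Nothing in the rules file records that dependency, and whether the unit that loads these rules is ordered after ipset.service is not visible here, so the ordering should be confirmed for boot and for the deploy play. I would add a comment above the rule, `# requires ipset "nasties" to be loaded before this file is restored`. The rule sits ahead of the RELATED,ESTABLISHED accept, so listed sources are also cut off from already-established connections; if that is intended, it is worth saying so in the same comment.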
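Review bot: In ubuntu/roles/ipset-deploy/tasks/main.yml, `/sbin/ipset destroy` with no set name fails when a set is still referenced by an iptables rule, and this commit enables exactly such a rule for `nasties`. On a host whose firewall is already loaded the task will therefore likely exit non-zero and stop the play, whereas the earlier `flush` works on a referenced set. Even where destroy succeeds, the set is absent until it is recreated, which leaves a window without the blocklist. Consider keeping `cmd: /sbin/ipset flush` and loading the sets with `ipset restore -exist`, or filling a temporary set and exchanging it with `ipset swap`, so the referenced set is never removed. How the sets are reloaded is outside this hunk (the next task, `Copy ipset.service`, is cut off), so the exact form depends on that unit.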