diff --git a/src/firewall/server/firewalld.py b/src/firewall/server/firewalld.py
index 92da014..fd0b5ce 100644
--- a/src/firewall/server/firewalld.py
+++ b/src/firewall/server/firewalld.py
@@ -60,10 +60,10 @@ class FirewallD(slip.dbus.service.Object):
     """FirewallD main class"""
 
     persistent = True
     """ Make FirewallD persistent. """
-    default_polkit_auth_required = config.dbus.PK_ACTION_INFO
-    """ Use config.dbus.PK_ACTION_INFO as a default """
+    default_polkit_auth_required = config.dbus.PK_ACTION_CONFIG
+    """ Use config.dbus.PK_ACTION_CONFIG as a default """
 
     @handle_exceptions
     def __init__(self, *args, **kwargs):
         super(FirewallD, self).__init__(*args, **kwargs)
@@ -2127,8 +2127,9 @@ class FirewallD(slip.dbus.service.Object):
             raise
 
     # DIRECT PASSTHROUGH (tracked)
 
+    @slip.dbus.polkit.require_auth(config.dbus.PK_ACTION_DIRECT)
     @dbus_service_method(config.dbus.DBUS_INTERFACE_DIRECT, in_signature='sas',
                          out_signature='')
     @dbus_handle_exceptions
     def addPassthrough(self, ipv, args, sender=None):
@@ -2140,8 +2141,9 @@ class FirewallD(slip.dbus.service.Object):
         self.accessCheck(sender)
         self.fw.direct.add_passthrough(ipv, args)
         self.PassthroughAdded(ipv, args)
 
+    @slip.dbus.polkit.require_auth(config.dbus.PK_ACTION_DIRECT)
     @dbus_service_method(config.dbus.DBUS_INTERFACE_DIRECT, in_signature='sas',
                          out_signature='')
     @dbus_handle_exceptions
     def removePassthrough(self, ipv, args, sender=None):
@@ -2255,8 +2257,9 @@ class FirewallD(slip.dbus.service.Object):
         return self.fw.ipset.get_ipset(ipset).export_config()
 
     # set entries # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
 
+    @slip.dbus.polkit.require_auth(config.dbus.PK_ACTION_CONFIG)
     @dbus_service_method(config.dbus.DBUS_INTERFACE_IPSET, in_signature='ss',
                          out_signature='')
     @dbus_handle_exceptions
     def addEntry(self, ipset, entry, sender=None):
@@ -2267,8 +2270,9 @@ class FirewallD(slip.dbus.service.Object):
         self.accessCheck(sender)
         self.fw.ipset.add_entry(ipset, entry)
         self.EntryAdded(ipset, entry)
 
+    @slip.dbus.polkit.require_auth(config.dbus.PK_ACTION_CONFIG)
     @dbus_service_method(config.dbus.DBUS_INTERFACE_IPSET, in_signature='ss',
                          out_signature='')
     @dbus_handle_exceptions
     def removeEntry(self, ipset, entry, sender=None):
@@ -2300,9 +2304,9 @@ class FirewallD(slip.dbus.service.Object):
         ipset = dbus_to_python(ipset)
         log.debug1("ipset.getEntries('%s')" % ipset)
         return self.fw.ipset.get_entries(ipset)
 
-    @slip.dbus.polkit.require_auth(config.dbus.PK_ACTION_INFO)
+    @slip.dbus.polkit.require_auth(config.dbus.PK_ACTION_CONFIG)
     @dbus_service_method(config.dbus.DBUS_INTERFACE_IPSET, in_signature='sas')
     @dbus_handle_exceptions
     def setEntries(self, ipset, entries, sender=None): # pylint: disable=W0613
         # returns list of added entries for the ipset