diff --git a/SOURCES/0044-fix-direct-removeRules-was-mistakenly-removing-all-r.patch b/SOURCES/0044-fix-direct-removeRules-was-mistakenly-removing-all-r.patch
new file mode 100644
index 0000000..afd1bb0
--- /dev/null
+++ b/SOURCES/0044-fix-direct-removeRules-was-mistakenly-removing-all-r.patch
@@ -0,0 +1,35 @@
+From 028e1c617b14cd67f025601f003aec63a75b3b1a Mon Sep 17 00:00:00 2001
+From: Eric Garver <eric@garver.life>
+Date: Fri, 26 Jul 2019 13:32:44 -0400
+Subject: [PATCH 44/50] fix: direct: removeRules() was mistakenly removing all
+ rules
+
+Only remove the rules that match the specified criteria (ipv, table,
+chain).
+
+Fixes: #385
+Fixes: rhbz 1723610
+(cherry picked from commit 174005b15059db054b2f8dcf3b35c23fcbaf44ec)
+(cherry picked from commit 5b796871894bc2f4f973ef11dc9233b4d391dd63)
+---
+ src/firewall/server/config.py | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/src/firewall/server/config.py b/src/firewall/server/config.py
+index 011052a9cabf..b2cebea9b4be 100644
+--- a/src/firewall/server/config.py
++++ b/src/firewall/server/config.py
+@@ -1367,7 +1367,9 @@ class FirewallDConfig(slip.dbus.service.Object):
+                    (ipv, table, chain, ))
+         self.accessCheck(sender)
+         settings = list(self.getSettings())
+-        settings[1] = []
++        for rule in settings[1]:
++            if (ipv, table, chain) == (rule[0], rule[1], rule[2]):
++                settings[1].remove(rule)
+         self.update(tuple(settings))
+ 
+     @dbus_service_method(config.dbus.DBUS_INTERFACE_CONFIG_DIRECT,
+-- 
+2.23.0
+
diff --git a/SOURCES/0045-test-coverage-for-rhbz-1723610-and-gh-385.patch b/SOURCES/0045-test-coverage-for-rhbz-1723610-and-gh-385.patch
new file mode 100644
index 0000000..10975d5
--- /dev/null
+++ b/SOURCES/0045-test-coverage-for-rhbz-1723610-and-gh-385.patch
@@ -0,0 +1,61 @@
+From 396591e003cd912f6f614c56fc26410a1e97f568 Mon Sep 17 00:00:00 2001
+From: Eric Garver <eric@garver.life>
+Date: Fri, 26 Jul 2019 08:26:50 -0400
+Subject: [PATCH 45/50] test: coverage for rhbz 1723610 and gh #385
+
+(cherry picked from commit 75fc4876dbfbdb1de09a67c48630fa8503ed152d)
+(cherry picked from commit 9657d72ece2631aaab1aa1030658babe77c7f921)
+---
+ src/tests/regression.at             |  1 +
+ src/tests/regression/rhbz1723610.at | 30 +++++++++++++++++++++++++++++
+ 2 files changed, 31 insertions(+)
+ create mode 100644 src/tests/regression/rhbz1723610.at
+
+diff --git a/src/tests/regression.at b/src/tests/regression.at
+index bbfcb65fe6e9..b2c8ba799d56 100644
+--- a/src/tests/regression.at
++++ b/src/tests/regression.at
+@@ -17,3 +17,4 @@ m4_include([regression/rhbz1601610.at])
+ m4_include([regression/gh303.at])
+ m4_include([regression/gh335.at])
+ m4_include([regression/rhbz1715977.at])
++m4_include([regression/rhbz1723610.at])
+diff --git a/src/tests/regression/rhbz1723610.at b/src/tests/regression/rhbz1723610.at
+new file mode 100644
+index 000000000000..f020141e1808
+--- /dev/null
++++ b/src/tests/regression/rhbz1723610.at
+@@ -0,0 +1,30 @@
++FWD_START_TEST([direct remove-rules per family])
++AT_KEYWORDS(direct rhbz1723610 gh385)
++
++FWD_CHECK([-q --permanent --direct --add-rule ipv4 filter OUTPUT 0 -d 127.0.0.1 -p tcp --dport 22 -j ACCEPT])
++FWD_CHECK([--permanent --direct --get-all-rules], 0, [dnl
++ipv4 filter OUTPUT 0 -d 127.0.0.1 -p tcp --dport 22 -j ACCEPT
++])
++FWD_RELOAD
++FWD_CHECK([--direct --get-all-rules], 0, [dnl
++ipv4 filter OUTPUT 0 -d 127.0.0.1 -p tcp --dport 22 -j ACCEPT
++])
++
++FWD_CHECK([-q --permanent --direct --remove-rules ipv6 filter input])
++FWD_CHECK([-q --permanent --direct --remove-rules ipv4 filter INPUT])
++FWD_CHECK([--permanent --direct --get-all-rules], 0, [dnl
++ipv4 filter OUTPUT 0 -d 127.0.0.1 -p tcp --dport 22 -j ACCEPT
++])
++FWD_RELOAD
++FWD_CHECK([--direct --get-all-rules], 0, [dnl
++ipv4 filter OUTPUT 0 -d 127.0.0.1 -p tcp --dport 22 -j ACCEPT
++])
++FWD_CHECK([-q --direct --add-rule ipv4 filter INPUT 0 -p tcp --dport 22 -j ACCEPT])
++FWD_CHECK([-q --direct --add-rule ipv6 filter INPUT 0 -p tcp --dport 22 -j ACCEPT])
++FWD_CHECK([-q --direct --remove-rules ipv4 filter OUTPUT])
++FWD_CHECK([--direct --get-all-rules], 0, [dnl
++ipv4 filter INPUT 0 -p tcp --dport 22 -j ACCEPT
++ipv6 filter INPUT 0 -p tcp --dport 22 -j ACCEPT
++])
++
++FWD_END_TEST
+-- 
+2.23.0
+
diff --git a/SOURCES/0046-fix-tests-regression-rhbz1723610-make-output-reliabl.patch b/SOURCES/0046-fix-tests-regression-rhbz1723610-make-output-reliabl.patch
new file mode 100644
index 0000000..c73299d
--- /dev/null
+++ b/SOURCES/0046-fix-tests-regression-rhbz1723610-make-output-reliabl.patch
@@ -0,0 +1,33 @@
+From bb91a06a2f009f469d455523ff4f133a3c724b64 Mon Sep 17 00:00:00 2001
+From: Eric Garver <eric@garver.life>
+Date: Fri, 26 Jul 2019 13:56:54 -0400
+Subject: [PATCH 46/50] fix: tests/regression/rhbz1723610: make output reliable
+
+The rule listing is unordered, so lets make it reliable.
+
+Fixes: 75fc4876dbfb ("test: coverage for rhbz 1723610 and gh #385")
+(cherry picked from commit 645fc816c09d2d5f767fcecf4bea3d61219780e9)
+(cherry picked from commit c8b851866fd7a5731c9f2ef66f0052ac5e7d0497)
+---
+ src/tests/regression/rhbz1723610.at | 2 --
+ 1 file changed, 2 deletions(-)
+
+diff --git a/src/tests/regression/rhbz1723610.at b/src/tests/regression/rhbz1723610.at
+index f020141e1808..3eccc0436ed7 100644
+--- a/src/tests/regression/rhbz1723610.at
++++ b/src/tests/regression/rhbz1723610.at
+@@ -19,11 +19,9 @@ FWD_RELOAD
+ FWD_CHECK([--direct --get-all-rules], 0, [dnl
+ ipv4 filter OUTPUT 0 -d 127.0.0.1 -p tcp --dport 22 -j ACCEPT
+ ])
+-FWD_CHECK([-q --direct --add-rule ipv4 filter INPUT 0 -p tcp --dport 22 -j ACCEPT])
+ FWD_CHECK([-q --direct --add-rule ipv6 filter INPUT 0 -p tcp --dport 22 -j ACCEPT])
+ FWD_CHECK([-q --direct --remove-rules ipv4 filter OUTPUT])
+ FWD_CHECK([--direct --get-all-rules], 0, [dnl
+-ipv4 filter INPUT 0 -p tcp --dport 22 -j ACCEPT
+ ipv6 filter INPUT 0 -p tcp --dport 22 -j ACCEPT
+ ])
+ 
+-- 
+2.23.0
+
diff --git a/SOURCES/0047-fix-tests-regression-rhbz1723610-avoid-calling-IPv6-.patch b/SOURCES/0047-fix-tests-regression-rhbz1723610-avoid-calling-IPv6-.patch
new file mode 100644
index 0000000..7cc7cff
--- /dev/null
+++ b/SOURCES/0047-fix-tests-regression-rhbz1723610-avoid-calling-IPv6-.patch
@@ -0,0 +1,36 @@
+From 1032f4e815b296a7d0aa17363bf2693926095ef3 Mon Sep 17 00:00:00 2001
+From: Eric Garver <eric@garver.life>
+Date: Fri, 26 Jul 2019 14:17:28 -0400
+Subject: [PATCH 47/50] fix: tests/regression/rhbz1723610: avoid calling IPv6
+ backend
+
+We support running without IPv6, so calling the backend in the test
+case.
+
+Fixes: 75fc4876dbfb ("test: coverage for rhbz 1723610 and gh #385")
+(cherry picked from commit 38978bfde28a3fea9fb4cc61d2bb30ee5474e341)
+(cherry picked from commit c4b3c7ef2d2136992cd745ef7157f20e0e385665)
+---
+ src/tests/regression/rhbz1723610.at | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/tests/regression/rhbz1723610.at b/src/tests/regression/rhbz1723610.at
+index 3eccc0436ed7..35feed2bda9f 100644
+--- a/src/tests/regression/rhbz1723610.at
++++ b/src/tests/regression/rhbz1723610.at
+@@ -19,10 +19,10 @@ FWD_RELOAD
+ FWD_CHECK([--direct --get-all-rules], 0, [dnl
+ ipv4 filter OUTPUT 0 -d 127.0.0.1 -p tcp --dport 22 -j ACCEPT
+ ])
+-FWD_CHECK([-q --direct --add-rule ipv6 filter INPUT 0 -p tcp --dport 22 -j ACCEPT])
++FWD_CHECK([-q --direct --add-rule ipv4 filter INPUT 0 -p tcp --dport 22 -j ACCEPT])
+ FWD_CHECK([-q --direct --remove-rules ipv4 filter OUTPUT])
+ FWD_CHECK([--direct --get-all-rules], 0, [dnl
+-ipv6 filter INPUT 0 -p tcp --dport 22 -j ACCEPT
++ipv4 filter INPUT 0 -p tcp --dport 22 -j ACCEPT
+ ])
+ 
+ FWD_END_TEST
+-- 
+2.23.0
+
diff --git a/SOURCES/0048-fix-direct-removeRules-not-removing-all-rules-in-cha.patch b/SOURCES/0048-fix-direct-removeRules-not-removing-all-rules-in-cha.patch
new file mode 100644
index 0000000..5b4c0f7
--- /dev/null
+++ b/SOURCES/0048-fix-direct-removeRules-not-removing-all-rules-in-cha.patch
@@ -0,0 +1,29 @@
+From a4f15aab7bbc9e4ea19682fc88b43e3501df58c7 Mon Sep 17 00:00:00 2001
+From: Eric Garver <eric@garver.life>
+Date: Fri, 30 Aug 2019 14:09:11 -0400
+Subject: [PATCH 48/50] fix: direct: removeRules() not removing all rules in
+ chain
+
+Fixes: 174005b15059 ("fix: direct: removeRules() was mistakenly removing all rules")
+(cherry picked from commit 083d6527ad9c60442e424172e223b65132bc6d17)
+(cherry picked from commit 55a639aed7a8b5f2d77d39b26dd78f51b20100ed)
+---
+ src/firewall/server/config.py | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/firewall/server/config.py b/src/firewall/server/config.py
+index b2cebea9b4be..cd640ba881ca 100644
+--- a/src/firewall/server/config.py
++++ b/src/firewall/server/config.py
+@@ -1367,7 +1367,7 @@ class FirewallDConfig(slip.dbus.service.Object):
+                    (ipv, table, chain, ))
+         self.accessCheck(sender)
+         settings = list(self.getSettings())
+-        for rule in settings[1]:
++        for rule in settings[1][:]:
+             if (ipv, table, chain) == (rule[0], rule[1], rule[2]):
+                 settings[1].remove(rule)
+         self.update(tuple(settings))
+-- 
+2.23.0
+
diff --git a/SOURCES/0049-fix-tests-regression-rhbz1723610-better-coverage.patch b/SOURCES/0049-fix-tests-regression-rhbz1723610-better-coverage.patch
new file mode 100644
index 0000000..315b53a
--- /dev/null
+++ b/SOURCES/0049-fix-tests-regression-rhbz1723610-better-coverage.patch
@@ -0,0 +1,43 @@
+From 2c7f33521ce980647978e46e490cb776befc27c3 Mon Sep 17 00:00:00 2001
+From: Eric Garver <eric@garver.life>
+Date: Fri, 30 Aug 2019 13:58:54 -0400
+Subject: [PATCH 49/50] fix: tests/regression/rhbz1723610: better coverage
+
+Add more coverage to make sure all rules in the given chain are deleted.
+
+(cherry picked from commit 0220c8584512328104bfc816c2daaee2059f6a21)
+(cherry picked from commit a40aa5094387e457cfd4a789ef805dac46132b6e)
+---
+ src/tests/regression/rhbz1723610.at | 8 +++++++-
+ 1 file changed, 7 insertions(+), 1 deletion(-)
+
+diff --git a/src/tests/regression/rhbz1723610.at b/src/tests/regression/rhbz1723610.at
+index 35feed2bda9f..70eb226cb6df 100644
+--- a/src/tests/regression/rhbz1723610.at
++++ b/src/tests/regression/rhbz1723610.at
+@@ -2,15 +2,21 @@ FWD_START_TEST([direct remove-rules per family])
+ AT_KEYWORDS(direct rhbz1723610 gh385)
+ 
+ FWD_CHECK([-q --permanent --direct --add-rule ipv4 filter OUTPUT 0 -d 127.0.0.1 -p tcp --dport 22 -j ACCEPT])
++FWD_CHECK([-q --permanent --direct --add-rule ipv4 filter INPUT 0 -d 127.0.0.1 -p tcp --dport 22 -j ACCEPT])
++FWD_CHECK([-q --permanent --direct --add-rule ipv4 filter INPUT 0 -d 127.0.0.2 -p tcp --dport 22 -j ACCEPT])
+ FWD_CHECK([--permanent --direct --get-all-rules], 0, [dnl
+ ipv4 filter OUTPUT 0 -d 127.0.0.1 -p tcp --dport 22 -j ACCEPT
++ipv4 filter INPUT 0 -d 127.0.0.1 -p tcp --dport 22 -j ACCEPT
++ipv4 filter INPUT 0 -d 127.0.0.2 -p tcp --dport 22 -j ACCEPT
+ ])
+ FWD_RELOAD
+ FWD_CHECK([--direct --get-all-rules], 0, [dnl
+ ipv4 filter OUTPUT 0 -d 127.0.0.1 -p tcp --dport 22 -j ACCEPT
++ipv4 filter INPUT 0 -d 127.0.0.1 -p tcp --dport 22 -j ACCEPT
++ipv4 filter INPUT 0 -d 127.0.0.2 -p tcp --dport 22 -j ACCEPT
+ ])
+ 
+-FWD_CHECK([-q --permanent --direct --remove-rules ipv6 filter input])
++FWD_CHECK([-q --permanent --direct --remove-rules ipv6 filter INPUT])
+ FWD_CHECK([-q --permanent --direct --remove-rules ipv4 filter INPUT])
+ FWD_CHECK([--permanent --direct --get-all-rules], 0, [dnl
+ ipv4 filter OUTPUT 0 -d 127.0.0.1 -p tcp --dport 22 -j ACCEPT
+-- 
+2.23.0
+
diff --git a/SOURCES/0050-fix-tests-regression-rhbz1723610-make-deterministic.patch b/SOURCES/0050-fix-tests-regression-rhbz1723610-make-deterministic.patch
new file mode 100644
index 0000000..306bee6
--- /dev/null
+++ b/SOURCES/0050-fix-tests-regression-rhbz1723610-make-deterministic.patch
@@ -0,0 +1,70 @@
+From 7c06edce03bcf408a4aa6a9d64b17dafcb951224 Mon Sep 17 00:00:00 2001
+From: Eric Garver <eric@garver.life>
+Date: Tue, 3 Sep 2019 12:57:29 -0400
+Subject: [PATCH 50/50] fix: tests/regression/rhbz1723610: make deterministic
+
+Use --query-rule. The --get-all-rules output is not necessarily in any
+defined order.
+
+Fixes: 0220c8584512 ("fix: tests/regression/rhbz1723610: better coverage")
+(cherry picked from commit 441a4ef405b869b4c68bbbac21f001814578df08)
+(cherry picked from commit 3a634eb266f60bc8419f5e3d37abd425e2d4dff5)
+---
+ src/tests/regression/rhbz1723610.at | 35 +++++++++++++----------------
+ 1 file changed, 16 insertions(+), 19 deletions(-)
+
+diff --git a/src/tests/regression/rhbz1723610.at b/src/tests/regression/rhbz1723610.at
+index 70eb226cb6df..0d0810cc8623 100644
+--- a/src/tests/regression/rhbz1723610.at
++++ b/src/tests/regression/rhbz1723610.at
+@@ -4,31 +4,28 @@ AT_KEYWORDS(direct rhbz1723610 gh385)
+ FWD_CHECK([-q --permanent --direct --add-rule ipv4 filter OUTPUT 0 -d 127.0.0.1 -p tcp --dport 22 -j ACCEPT])
+ FWD_CHECK([-q --permanent --direct --add-rule ipv4 filter INPUT 0 -d 127.0.0.1 -p tcp --dport 22 -j ACCEPT])
+ FWD_CHECK([-q --permanent --direct --add-rule ipv4 filter INPUT 0 -d 127.0.0.2 -p tcp --dport 22 -j ACCEPT])
+-FWD_CHECK([--permanent --direct --get-all-rules], 0, [dnl
+-ipv4 filter OUTPUT 0 -d 127.0.0.1 -p tcp --dport 22 -j ACCEPT
+-ipv4 filter INPUT 0 -d 127.0.0.1 -p tcp --dport 22 -j ACCEPT
+-ipv4 filter INPUT 0 -d 127.0.0.2 -p tcp --dport 22 -j ACCEPT
+-])
++FWD_CHECK([-q --permanent --direct --query-rule ipv4 filter OUTPUT 0 -d 127.0.0.1 -p tcp --dport 22 -j ACCEPT], 0)
++FWD_CHECK([-q --permanent --direct --query-rule ipv4 filter INPUT 0 -d 127.0.0.1 -p tcp --dport 22 -j ACCEPT], 0)
++FWD_CHECK([-q --permanent --direct --query-rule ipv4 filter INPUT 0 -d 127.0.0.2 -p tcp --dport 22 -j ACCEPT], 0)
+ FWD_RELOAD
+-FWD_CHECK([--direct --get-all-rules], 0, [dnl
+-ipv4 filter OUTPUT 0 -d 127.0.0.1 -p tcp --dport 22 -j ACCEPT
+-ipv4 filter INPUT 0 -d 127.0.0.1 -p tcp --dport 22 -j ACCEPT
+-ipv4 filter INPUT 0 -d 127.0.0.2 -p tcp --dport 22 -j ACCEPT
+-])
++FWD_CHECK([-q --direct --query-rule ipv4 filter OUTPUT 0 -d 127.0.0.1 -p tcp --dport 22 -j ACCEPT], 0)
++FWD_CHECK([-q --direct --query-rule ipv4 filter INPUT 0 -d 127.0.0.1 -p tcp --dport 22 -j ACCEPT], 0)
++FWD_CHECK([-q --direct --query-rule ipv4 filter INPUT 0 -d 127.0.0.2 -p tcp --dport 22 -j ACCEPT], 0)
+ 
+ FWD_CHECK([-q --permanent --direct --remove-rules ipv6 filter INPUT])
+ FWD_CHECK([-q --permanent --direct --remove-rules ipv4 filter INPUT])
+-FWD_CHECK([--permanent --direct --get-all-rules], 0, [dnl
+-ipv4 filter OUTPUT 0 -d 127.0.0.1 -p tcp --dport 22 -j ACCEPT
+-])
++FWD_CHECK([-q --permanent --direct --query-rule ipv4 filter OUTPUT 0 -d 127.0.0.1 -p tcp --dport 22 -j ACCEPT], 0)
++FWD_CHECK([-q --permanent --direct --query-rule ipv4 filter INPUT 0 -d 127.0.0.1 -p tcp --dport 22 -j ACCEPT], 1)
++FWD_CHECK([-q --permanent --direct --query-rule ipv4 filter INPUT 0 -d 127.0.0.2 -p tcp --dport 22 -j ACCEPT], 1)
+ FWD_RELOAD
+-FWD_CHECK([--direct --get-all-rules], 0, [dnl
+-ipv4 filter OUTPUT 0 -d 127.0.0.1 -p tcp --dport 22 -j ACCEPT
+-])
++FWD_CHECK([-q --direct --query-rule ipv4 filter OUTPUT 0 -d 127.0.0.1 -p tcp --dport 22 -j ACCEPT], 0)
++FWD_CHECK([-q --direct --query-rule ipv4 filter INPUT 0 -d 127.0.0.1 -p tcp --dport 22 -j ACCEPT], 1)
++FWD_CHECK([-q --direct --query-rule ipv4 filter INPUT 0 -d 127.0.0.2 -p tcp --dport 22 -j ACCEPT], 1)
+ FWD_CHECK([-q --direct --add-rule ipv4 filter INPUT 0 -p tcp --dport 22 -j ACCEPT])
+ FWD_CHECK([-q --direct --remove-rules ipv4 filter OUTPUT])
+-FWD_CHECK([--direct --get-all-rules], 0, [dnl
+-ipv4 filter INPUT 0 -p tcp --dport 22 -j ACCEPT
+-])
++FWD_CHECK([-q --direct --query-rule ipv4 filter INPUT 0 -p tcp --dport 22 -j ACCEPT], 0)
++FWD_CHECK([-q --direct --query-rule ipv4 filter OUTPUT 0 -d 127.0.0.1 -p tcp --dport 22 -j ACCEPT], 1)
++FWD_CHECK([-q --direct --query-rule ipv4 filter INPUT 0 -d 127.0.0.1 -p tcp --dport 22 -j ACCEPT], 1)
++FWD_CHECK([-q --direct --query-rule ipv4 filter INPUT 0 -d 127.0.0.2 -p tcp --dport 22 -j ACCEPT], 1)
+ 
+ FWD_END_TEST
+-- 
+2.23.0
+
diff --git a/SPECS/firewalld.spec b/SPECS/firewalld.spec
index 8756e09..e5e74f9 100644
--- a/SPECS/firewalld.spec
+++ b/SPECS/firewalld.spec
@@ -8,7 +8,7 @@
 Summary: A firewall daemon with D-Bus interface providing a dynamic firewall
 Name: firewalld
 Version: 0.6.3
-Release: 2%{?dist}.3
+Release: 2%{?dist}.4
 URL:     http://www.firewalld.org
 License: GPLv2+
 Source0: https://github.com/firewalld/firewalld/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz
@@ -55,6 +55,13 @@ Patch40: 0040-fix-Revert-ebtables-drop-support-for-broute-table.patch
 Patch41: 0041-fix-ebtables-don-t-use-tables-that-aren-t-available.patch
 Patch42: 0042-fix-rich-rule-destination-with-services.patch
 Patch43: 0043-test-coverage-for-rhbz-1715977.patch
+Patch44: 0044-fix-direct-removeRules-was-mistakenly-removing-all-r.patch
+Patch45: 0045-test-coverage-for-rhbz-1723610-and-gh-385.patch
+Patch46: 0046-fix-tests-regression-rhbz1723610-make-output-reliabl.patch
+Patch47: 0047-fix-tests-regression-rhbz1723610-avoid-calling-IPv6-.patch
+Patch48: 0048-fix-direct-removeRules-not-removing-all-rules-in-cha.patch
+Patch49: 0049-fix-tests-regression-rhbz1723610-better-coverage.patch
+Patch50: 0050-fix-tests-regression-rhbz1723610-make-deterministic.patch
 
 BuildArch: noarch
 BuildRequires: desktop-file-utils
@@ -355,6 +362,9 @@ fi
 %{_mandir}/man1/firewall-config*.1*
 
 %changelog
+* Tue Jan 28 2020 Eric Garver <egarver@redhat.com> - 0.6.3-2.el7_7.4
+- fix: direct: removeRules() was mistakenly removing all rules
+
 * Thu Jan 16 2020 Eric Garver <egarver@redhat.com> - 0.6.3-2.el7_7.3
 - fix: rich rule destination with services