diff --git a/firewalld/files/zone.xml b/firewalld/files/zone.xml
index 6525d71..dabe00a 100644
--- a/firewalld/files/zone.xml
+++ b/firewalld/files/zone.xml
@@ -33,11 +33,13 @@
     {%- endif %}
   {%- endfor %}
 {%- endif %}
-{%- if 'services' in zone %}
-  {%- for v in zone.services %}
+{%- for k,val in zone.items() %}
+  {%- if k.endswith("services") %}
+    {%- for v in val %}
   <service name="{{ v }}" />
-  {%- endfor %}
-{%- endif %}
+    {%- endfor %}
+  {%- endif %}
+{%- endfor %}
 {%- if 'ports' in zone %}
   {%- for v in zone.ports %}
     {%- if 'comment' in v %}
diff --git a/pillar.example b/pillar.example
index 6d78533..bdb1854 100644
--- a/pillar.example
+++ b/pillar.example
@@ -107,10 +107,12 @@ firewalld:
         are accepted.
       services:
         - http
-        - zabbixcustom
         - https
         - ssh
         - salt-minion
+      # Anything in zone definition ending with services will get merged into services
+      other_services:
+        - zabbixcustom
       protocols:
         - igmp
       rich_rules: