diff --git a/firewalld/files/firewalld.conf b/firewalld/files/firewalld.conf
index d3ff9cb..7bf9ee5 100644
--- a/firewalld/files/firewalld.conf
+++ b/firewalld/files/firewalld.conf
@@ -32,3 +32,21 @@ Lockdown={{ firewalld.lockdown|default('no') }}
 # The rp_filter for IPv4 is controlled using sysctl.
 # Default: yes
 IPv6_rpfilter={{ firewalld.IPv6_rpfilter|default('yes') }}
+{%- if firewalld.get('IndividualCalls', False) %}
+
+# IndividualCalls
+# Do not use combined -restore calls, but individual calls. This increases the
+# time that is needed to apply changes and to start the daemon, but is good for
+# debugging.
+# Default: no
+IndividualCalls={{ firewalld.IndividualCalls|default('no') }}
+{%- endif %}
+{%- if firewalld.get('LogDenied', False) %}
+
+# LogDenied
+# Add logging rules right before reject and drop rules in the INPUT, FORWARD
+# and OUTPUT chains for the default rules and also final reject and drop rules
+# in zones. Possible values are: all, unicast, broadcast, multicast and off.
+# Default: off
+LogDenied={{ firewalld.LogDenied|default('off') }}
+{%- endif %}
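Review bot: The `LogDenied` value is written into the config unchecked, so a typo or a YAML-coerced boolean (an unquoted `yes` or `on` in the data source would presumably render as `True`) yields a setting outside the documented set all/unicast/broadcast/multicast/off, and denied-packet logging may then not be enabled as the operator intended. Consider guarding on the allowed values, e.g. `{%- if firewalld.get('LogDenied') in ['all', 'unicast', 'broadcast', 'multicast', 'off'] %}`, or failing the render on anything else so the mistake is visible at deploy time. In both new blocks the inner `|default(...)` can never apply, because the surrounding `if` already requires a truthy value; `IndividualCalls={{ firewalld.IndividualCalls }}` and `LogDenied={{ firewalld.LogDenied }}` express the same thing more plainly.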