diff --git a/roles/install/handlers/main.yml b/roles/install/handlers/main.yml
index 03ada07..9cf1942 100644
--- a/roles/install/handlers/main.yml
+++ b/roles/install/handlers/main.yml
@@ -4,10 +4,6 @@
     daemon_reload: true
   when: servicecheck.systemd
 
-- name: Reload firewalld configuration
-  command:
-    cmd: firewall-cmd --reload
-
 - name: Reload rsyslog configuration
   systemd:
     name: rsyslog.service
diff --git a/roles/install/tasks/firewalld.yml b/roles/install/tasks/firewalld.yml
index 6c69862..3d340b1 100644
--- a/roles/install/tasks/firewalld.yml
+++ b/roles/install/tasks/firewalld.yml
@@ -30,14 +30,6 @@
     backup: true
   notify: Reload journald configuration
 
-# This will be enabled on-demand via klf
-#- name: Log packets denied by firewalld
-#  lineinfile:
-#    path: /etc/firewalld/firewalld.conf
-#    regexp: '^LogDenied='
-#    line: LogDenied=all
-#  notify: Reload firewalld configuration
-
 - include_role:
     name: bviktor.firewalld
   vars:
diff --git a/roles/uninstall/handlers/main.yml b/roles/uninstall/handlers/main.yml
index 1720ae9..98da7ab 100644
--- a/roles/uninstall/handlers/main.yml
+++ b/roles/uninstall/handlers/main.yml
@@ -3,3 +3,8 @@
   systemd:
     daemon_reload: true
   when: servicecheck.systemd
+
+- name: Reload rsyslog configuration
+  systemd:
+    name: rsyslog.service
+    state: restarted
diff --git a/roles/uninstall/tasks/firewalld.yml b/roles/uninstall/tasks/firewalld.yml
index cdefbd2..263721c 100644
--- a/roles/uninstall/tasks/firewalld.yml
+++ b/roles/uninstall/tasks/firewalld.yml
@@ -4,3 +4,14 @@
   vars:
     service: 'kf2'
     enabled: false
+
+- name: Remove firewalld log redirect
+  file:
+    path: /etc/rsyslog.d/firewalld-denied.conf
+    state: absent
+  notify: Reload rsyslog configuration
+
+- name: Remove firewalld log rotation
+  file:
+    path: /etc/logrotate.d/firewalld-denied
+    state: absent