diff --git a/qubesagent/firewall.py b/qubesagent/firewall.py
index 6145804..4b8c3b3 100755
--- a/qubesagent/firewall.py
+++ b/qubesagent/firewall.py
@@ -62,6 +62,19 @@ class FirewallWorker(object):
         '''Apply rules in given source address'''
         raise NotImplementedError
 
+    def run_firewall_dir(self):
+        '''Run scripts dir contents, before user script'''
+        script_dir_paths = ['/etc/qubes/qubes-firewall.d',
+                      '/rw/config/qubes-firewall.d']
+        for script_dir_path in script_dir_paths:
+           if not os.path.isdir(script_dir_path):
+               continue
+           for d_script in sorted(os.listdir(script_dir_path)):
+               d_script_path = os.path.join(script_dir_path, d_script)
+               if os.path.isfile(d_script_path) and \
+                       os.access(d_script_path, os.X_OK):
+                   subprocess.call([d_script_path])
+
     def run_user_script(self):
         '''Run user script in /rw/config'''
         user_script_path = '/rw/config/qubes-firewall-user-script'
@@ -140,6 +153,7 @@ class FirewallWorker(object):
     def main(self):
         self.terminate_requested = False
         self.init()
+        self.run_firewall_dir()
         self.run_user_script()
         # initial load
         for source_addr in self.list_targets():