diff --git a/roles/base/templates/iptables/iptables.kojibuilder b/roles/base/templates/iptables/iptables.kojibuilder
index 2b81658967..24edb662d6 100644
--- a/roles/base/templates/iptables/iptables.kojibuilder
+++ b/roles/base/templates/iptables/iptables.kojibuilder
@@ -80,6 +80,11 @@
 -A OUTPUT -m tcp -p tcp -d 10.5.88.36 -j ACCEPT
 -A INPUT -m udp -p udp -s 10.5.88.36 -j ACCEPT
 -A OUTPUT -m udp -p udp -d 10.5.88.36 -j ACCEPT
+# also new c-mode filer (remove above after switch)
+-A INPUT -m tcp -p tcp -s 10.5.88.41 -j ACCEPT
+-A OUTPUT -m tcp -p tcp -d 10.5.88.41 -j ACCEPT
+-A INPUT -m udp -p udp -s 10.5.88.41 -j ACCEPT
+-A OUTPUT -m udp -p udp -d 10.5.88.41 -j ACCEPT
 
 # ntp
 -A OUTPUT -m udp -p udp --dport 123 -d 66.187.233.4 -j ACCEPT
diff --git a/roles/base/templates/iptables/iptables.releng b/roles/base/templates/iptables/iptables.releng
index 90c80e6d48..7a27e0cb1f 100644
--- a/roles/base/templates/iptables/iptables.releng
+++ b/roles/base/templates/iptables/iptables.releng
@@ -45,10 +45,8 @@ COMMIT
 # Allow all netapp traffic
 -A INPUT -p udp -m udp -s 10.5.88.36 -j ACCEPT
 -A INPUT -p tcp -m tcp -s 10.5.88.36 -j ACCEPT
-
-# Bacula Backups backup03
--A INPUT -p tcp -m tcp -s 10.5.126.161 --dport 9102 -j ACCEPT
--A INPUT -p tcp -m tcp -s 192.168.1.64 --dport 9102 -j ACCEPT
+-A INPUT -p udp -m udp -s 10.5.88.41 -j ACCEPT
+-A INPUT -p tcp -m tcp -s 10.5.88.41 -j ACCEPT
 
 # Custom Services