From 4f62f83899211710f8712eb446ab2092e880d34d Mon Sep 17 00:00:00 2001
From: Patrick Uiterwijk <puiterwijk@redhat.com>
Date: Sun, 21 Feb 2016 08:39:28 +0000
Subject: [PATCH] Use IP address for sign bridge IPs in iptables rules

If we use hostnames here, the firewall won't come up on boot since the
firewall is started before name resolution works.

Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
---
 inventory/group_vars/bodhi-backend | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/inventory/group_vars/bodhi-backend b/inventory/group_vars/bodhi-backend
index 27e4d2c62e..cd723dd986 100644
--- a/inventory/group_vars/bodhi-backend
+++ b/inventory/group_vars/bodhi-backend
@@ -23,7 +23,7 @@ tcp_ports: [
 ]
 # Make connections from signing bridges stateless, they break sigul connections
 # https://bugzilla.redhat.com/show_bug.cgi?id=1283364
-custom_rules: ['-A INPUT --proto tcp --sport 44334 --source sign-bridge01.phx2.fedoraproject.org -j ACCEPT']
+custom_rules: ['-A INPUT --proto tcp --sport 44334 --source 10.5.125.71 -j ACCEPT']
 
 # With 16 cpus, theres a bunch more kernel threads
 nrpe_procs_warn: 900