diff --git a/roles/base/templates/iptables/iptables.kojibuilder b/roles/base/templates/iptables/iptables.kojibuilder
index 613dd5c516..b64e116551 100644
--- a/roles/base/templates/iptables/iptables.kojibuilder
+++ b/roles/base/templates/iptables/iptables.kojibuilder
@@ -47,6 +47,12 @@
 -A INPUT -p tcp -m tcp -s 10.5.0.0/16 --dport 22 -j ACCEPT
 -A OUTPUT -p tcp -m tcp -d 10.5.0.0/16 --sport 22 -j ACCEPT
+# for ansible accelerate mode - allow port 5099 from lockbox and it's ips
+-A INPUT -p tcp -m tcp --dport 5099 -s 192.168.1.58 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 5099 -s 10.5.126.23 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 5099 -s 10.5.127.51 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 5099 -s 209.132.181.6 -j ACCEPT
+
 # git to pkgs
 -A OUTPUT -m tcp -p tcp --dport 9418 -d 10.5.125.44 -j ACCEPT
 -A OUTPUT -m udp -p udp --dport 9418 -d 10.5.125.44 -j ACCEPT
diff --git a/vars/global.yml b/vars/global.yml
index fa760d29d6..49718f6d0f 100644
--- a/vars/global.yml
+++ b/vars/global.yml
@@ -24,8 +24,8 @@ f20_qcow_id: ami-00000038 hostbase: transient # root_auth_users for cloud instances is '' by default root_auth_users: '' -global_pkgs_inst: ['bind-utils', 'joe', 'mailx', 'nc', 'openssh-clients', - 'patch', 'postfix', 'rsync', 'strace', 'telnet', +global_pkgs_inst: ['bind-utils', 'mailx', 'nc', 'openssh-clients', + 'patch', 'postfix', 'rsync', 'strace', 'tmpwatch', 'traceroute', 'vim-enhanced', 'xz', 'zsh', 'libselinux-python', 'ntpdate' ]
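Review bot: The four added `--dport 5099` rules in iptables.kojibuilder are INPUT-only, whereas the SSH rules just above them in the same hunk come as an INPUT/OUTPUT pair (`--sport 22` on OUTPUT). If this template's OUTPUT chain drops by default and has no ESTABLISHED,RELATED accept (neither is visible in the hunk), replies from the accelerate daemon will never leave the builder; a matching rule per lockbox address would be `-A OUTPUT -p tcp -m tcp --sport 5099 -d 10.5.126.23 -j ACCEPT`. The lockbox addresses are also hard-coded in this one template, and one of them (209.132.181.6) is a public address, so this source list is the only network-level control on the port and it will drift if lockbox is renumbered; a template variable holding the lockbox addresses would keep the allowlist in one place. The added comment should read "its ips".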
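Review bot: Dropping 'joe' and 'telnet' from `global_pkgs_inst` in vars/global.yml most likely only stops new installs, so hosts that already have the packages would keep them. The tasks that consume this list are outside the diff, so that is inferred from the variable name. If the intent is to get the telnet client off existing machines, a removal list is needed as well, for example `global_pkgs_remove: ['joe', 'telnet']` (name suggested here, not taken from the repo), consumed by a package task with `state=absent`.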