From f28aad573da8b05d333ad7e5a8124c388502da7f Mon Sep 17 00:00:00 2001
From: Kevin Fenzi <kevin@scrye.com>
Date: Sat, 15 Aug 2015 15:16:03 +0000
Subject: [PATCH] Use fas-all ips instead of name, as dns may not yet be on at
 boot.

---
 roles/base/templates/iptables/iptables.kojibuilder | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/roles/base/templates/iptables/iptables.kojibuilder b/roles/base/templates/iptables/iptables.kojibuilder
index 24edb662d6..897cf51de7 100644
--- a/roles/base/templates/iptables/iptables.kojibuilder
+++ b/roles/base/templates/iptables/iptables.kojibuilder
@@ -72,7 +72,9 @@
 -A OUTPUT -p tcp -m tcp -d admin.fedoraproject.org --dport 80 -j ACCEPT
 -A OUTPUT -p tcp -m tcp -d admin.fedoraproject.org --dport 443 -j ACCEPT
 # for 2 facter auth
--A OUTPUT -p tcp -m tcp -d fas-all.phx2.fedoraproject.org --dport 8443 -j ACCEPT
+-A OUTPUT -p tcp -m tcp -d 10.5.126.30 -all.phx2.fedoraproject.org --dport 8443 -j ACCEPT
+-A OUTPUT -p tcp -m tcp -d 10.5.126.25 -all.phx2.fedoraproject.org --dport 8443 -j ACCEPT
+-A OUTPUT -p tcp -m tcp -d 10.5.126.26 -all.phx2.fedoraproject.org --dport 8443 -j ACCEPT
 
 #nfs to vtap-fedora-nfs01.storage.phx2.redhat.com - a little to wide-open - but 
 # kinda necessary