diff --git a/fickit-backend.yml b/fickit-backend.yml
index 4c7909ac..c5a1dc87 100644
--- a/fickit-backend.yml
+++ b/fickit-backend.yml
@@ -58,8 +58,7 @@ onboot:
 net: /run/netns/synchro
 - name: qa-ip-setup
 image: linuxkit/ip:bb250017b05de5e16ac436b1eb19a39c87b5a252
-# command: ["/bin/sh", "-c", "ip a add 10.10.10.1/29 dev eth1; ip link set eth1 up; ip a add 172.17.0.6/24 dev vethin-qa; ip link set vethin-qa up" ]
- command: ["/bin/sh", "-c", "ip a add 172.17.0.6/24 dev vethin-qa; ip link set vethin-qa up" ]
+ command: ["/bin/sh", "-c", "ip link show eth1 2> /dev/null && { ip a add 10.10.10.1/29 dev eth1; ip link set eth1 up; }; ip a add 172.17.0.6/24 dev vethin-qa; ip link set vethin-qa up" ]
 net: new
 runtime:
 interfaces:
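Review bot: In the new qa-ip-setup `command`, the eth1 guard hides only stderr and records nothing when it skips, so a boot without eth1 looks the same as a healthy one apart from the missing 10.10.10.1/29 address. Writing it as `if ip link show eth1 > /dev/null 2>&1; then ip a add 10.10.10.1/29 dev eth1; ip link set eth1 up; else echo 'qa-ip-setup: eth1 absent, 10.10.10.1/29 not configured' >&2; fi` keeps the tolerance and makes the skipped case visible in the boot log. The same guard appears in the admin-ip-setup hunk, where eth1 would get 10.0.0.1/24 instead; both steps run with `net: new`, so presumably only one of them ever sees eth1, and a YAML comment above each `command` saying which deployment hands eth1 to which step would make that intent reviewable. The step's `runtime: interfaces:` list continues outside the hunk.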
@@ -72,7 +71,7 @@ onboot:
 - name: admin-ip-setup
 image: linuxkit/ip:bb250017b05de5e16ac436b1eb19a39c87b5a252
 #command: ["/bin/sh", "-c", "ip link add link eth3 name adminiface type vlan id 99; ip a add 172.16.99.219/24 dev adminiface; ip link set eth3 up; ip link set adminiface up; ip r add default via 172.16.99.1; ip a add 172.17.0.2/24 dev vethin-admin; ip link set vethin-admin up; ping -W 10 -c 1 172.16.99.1;" ]
- command: ["/bin/sh", "-c", "ip link set eth3 up; while read IP; do ip a add ${IP} dev eth3; done < /run/config/ip_config/backend-admin; ip r add default via $(cat /run/config/ip_config/backend-router); ip a add 172.17.0.2/24 dev vethin-admin; ip link set vethin-admin up; ping -W 10 -c 1 $(cat /run/config/ip_config/backend-router); ip a add 10.0.0.1/24 dev eth1; ip link set eth1 up;" ]
+ command: ["/bin/sh", "-c", "ip link set eth3 up; while read IP; do ip a add ${IP} dev eth3; done < /run/config/ip_config/backend-admin; ip r add default via $(cat /run/config/ip_config/backend-router); ip a add 172.17.0.2/24 dev vethin-admin; ip link set vethin-admin up; ping -W 10 -c 1 $(cat /run/config/ip_config/backend-router); ip link show eth1 2> /dev/null && { ip a add 10.0.0.1/24 dev eth1; ip link set eth1 up; };" ]
 net: new
 binds:
 - /run/config/ip_config/:/run/config/ip_config/:ro
@@ -458,6 +457,7 @@ files:
 [0:0] -A OUTPUT -o lo -j ACCEPT
 [0:0] -A OUTPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
 [0:0] -A OUTPUT -p icmp -j ACCEPT
+ [0:0] -A OUTPUT -o eth1 -d 10.0.0.0/24 -p tcp -m conntrack --ctstate NEW -m tcp --dport 443 -j ACCEPT
 [0:0] -A OUTPUT -o vethin-admin -d 172.17.0.0/24 -p tcp -m conntrack --ctstate NEW -j ACCEPT
 [0:0] -A OUTPUT -j LOG
 [0:0] -A OUTPUT -j REJECT
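Review bot: In the new admin-ip-setup `command` the eth1 guard is the last thing the shell runs, so when eth1 is absent `ip link show eth1` fails and the whole `sh -c` exits non-zero, which reports the step as failed in exactly the case the guard was added to tolerate. An `if` returns 0 when its condition is false: `if ip link show eth1 > /dev/null 2>&1; then ip a add 10.0.0.1/24 dev eth1; ip link set eth1 up; fi`. How a non-zero onboot status is handled is not visible in this hunk, so the practical effect depends on the boot sequence; a consistently clean status also keeps real failures of the eth3 and route setup from being lost among expected ones. The step's `binds:` list may continue outside the hunk.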
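Review bot: The added OUTPUT rule allows new TCP/443 connections to the whole of 10.0.0.0/24 on eth1, and nothing in the ruleset says which peer needs it. If the client talks to a single host there, narrow `-d` to that address rather than the /24. Assuming this ruleset is loaded with iptables-restore, a line starting with `#` above the rule naming the service it reaches would let the exception be audited later. The rule is installed unconditionally while the 10.0.0.1/24 address is only configured when eth1 exists; that is harmless for matching but worth stating in the same comment. The rest of the ruleset, including the chain policy, lies outside the hunk.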