diff --git a/cluster/saltbase/salt/_states/container_bridge.py b/cluster/saltbase/salt/_states/container_bridge.py
index 63158926c25..8001d2f0897 100644
--- a/cluster/saltbase/salt/_states/container_bridge.py
+++ b/cluster/saltbase/salt/_states/container_bridge.py
@@ -34,11 +34,16 @@ def ensure(name, cidr, mtu=1460):
     '''
     ret = {'name': name, 'changes': {}, 'result': False, 'comment': ''}
 
-    iptables_rule = {
+    iptables_rule_1 = {
         'table': 'nat',
         'chain': 'POSTROUTING',
         'rule': '-o eth0 -j MASQUERADE \! -d 10.0.0.0/8'
     }
+    iptables_rule_2 = {
+        'table': 'nat',
+        'chain': 'POSTROUTING',
+        'rule': '-s %s -j MASQUERADE \! -d %s' % (cidr, cidr)
+    }
 
     def bridge_exists(name):
         'Determine if a bridge exists already.'
@@ -90,8 +95,10 @@ def ensure(name, cidr, mtu=1460):
             ret['details'] = {}
         # This module function is strange and returns True if the rule exists.
         # If not, it returns a string with the error from the call to iptables.
-        ret['iptables_rule_exists'] = \
-          __salt__['iptables.check'](**iptables_rule) == True
+        ret['iptables_rule_1_exists'] = \
+          __salt__['iptables.check'](**iptables_rule_1) == True
+        ret['iptables_rule_2_exists'] = \
+          __salt__['iptables.check'](**iptables_rule_2) == True
         return ret
 
     # This is a little hacky.  I should probably import a real library for this
@@ -112,7 +119,8 @@ def ensure(name, cidr, mtu=1460):
         and current_state['details']['mtu'] == mtu
         and desired_network in current_state['details']['networks']
         and current_state['details']['up']
-        and current_state['iptables_rule_exists']):
+        and current_state['iptables_rule_1_exists']
+        and current_state['iptables_rule_2_exists']):
         ret['result'] = True
         ret['comment'] = 'System already in the correct state'
         return ret
@@ -147,8 +155,10 @@ def ensure(name, cidr, mtu=1460):
         __salt__['cmd.run'](
             'ip link set dev {0} up'.format(name))
     new_state = get_current_state()
-    if not new_state['iptables_rule_exists']:
-        __salt__['iptables.append'](**iptables_rule)
+    if not new_state['iptables_rule_1_exists']:
+        __salt__['iptables.append'](**iptables_rule_1)
+    if not new_state['iptables_rule_2_exists']:
+        __salt__['iptables.append'](**iptables_rule_2)
     new_state = get_current_state()
 
     ret['comment'] = 'The state of "{0}" was changed!'.format(name)