iptables-nat.erb
373 Bytes
# Forward reverseproxy:22 to integration:22 (required to enable git pushes over SSH)
-A PREROUTING -d <%= node['config']['external_ip'] %>/32 -p tcp -m tcp --dport 22 -j DNAT --to-destination <%= node['peers']['integration'] %>:22
-A POSTROUTING -d <%= node['peers']['integration'] %>/32 -p tcp -m tcp --dport 22 -j SNAT --to-source <%= node['peers']['reverseproxy'] %>