From 4ec7e1a54780699fa044fcaedacd1df051ef68ea Mon Sep 17 00:00:00 2001 From: Patrick Uiterwijk Date: Sat, 13 Apr 2019 21:47:45 +0200 Subject: [PATCH] Move this rule to nat_rules Signed-off-by: Patrick Uiterwijk --- inventory/group_vars/proxies | 2 ++ 1 file changed, 2 insertions(+) diff --git a/inventory/group_vars/proxies b/inventory/group_vars/proxies index 1f9130d447..209fb6a070 100644 --- a/inventory/group_vars/proxies +++ b/inventory/group_vars/proxies @@ -65,7 +65,9 @@ custom_rules: [ '-A INPUT -p tcp -m tcp --dport 9941 -s 10.5.124.207 -j ACCEPT', # Allow openqa01 to talk to the inbound fedmsg relay. '-A INPUT -p tcp -m tcp --dport 9941 -s 10.5.131.71 -j ACCEPT', +] +nat_rules: [ # For Zanata, redirect 443/tcp -> 43342/tcp for TLS reasons # See files/httpd/website_id_fp_o_zanata.conf for info '-t nat -A PREROUTING -s 209.132.183.252 -p tcp --dport 443 -j REDIRECT --to 44342'