From d951a6f19ee0f1f985312d4ea8712f80e71df3f6 Mon Sep 17 00:00:00 2001
From: Stephen Smoogen
Date: Thu, 9 Apr 2020 18:22:26 +0000
Subject: [PATCH] try this logic for later
---
 roles/base/templates/iptables/iptables | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/roles/base/templates/iptables/iptables b/roles/base/templates/iptables/iptables
index d55d74bd8e..d512745a29 100644
--- a/roles/base/templates/iptables/iptables
+++ b/roles/base/templates/iptables/iptables
@@ -103,7 +103,11 @@
 {% if proxy_tcp_ports is defined %}
 {% for port in proxy_tcp_ports %}
 {% for proxy in (groups['proxies'] + groups['proxies_internal']) %}
+{% if hostvars[proxy]['datacenter'] == "phx2" and 'ansible_eth0' in hostvars[proxy] %}
+-A INPUT -p tcp -m tcp --dport {{ port }} --src {{ hostvars[proxy]['ansible_eth0']['ipv4']['address'] }} -j ACCEPT
+{% else %}
 -A INPUT -p tcp -m tcp --dport {{ port }} --src {{ hostvars[proxy]['ansible_tun0']['ipv4']['address'] }} -j ACCEPT
+{% endif %}
 {% endfor %}
 # nagios
 -A INPUT -p tcp -m tcp --dport {{ port }} --src 10.5.126.41 -j ACCEPT
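Review bot: The added `{% if %}` chooses the ACCEPT source address from whichever facts happen to be present, so a phx2 proxy whose `ansible_eth0` fact is missing (for instance when facts were not gathered or cached for that host) silently falls through to the `ansible_tun0` rule instead of failing, and the rendered allow-list can differ from run to run. `hostvars[proxy]['datacenter']` is also read without a default and `['ipv4']['address']` is dereferenced without checking that the interface carries an IPv4 address, so either can abort the render on one host. I would branch on the datacenter alone, `{% if hostvars[proxy]['datacenter'] | default('') == "phx2" %}`, and let a missing eth0 fact fail the template rather than open the port to a different address; if the intent is that phx2 proxies connect directly and the rest over the tunnel, a one-line `{# phx2 proxies connect from eth0, all others from tun0 #}` above the branch would record that. The enclosing `{% if proxy_tcp_ports is defined %}` and `{% for port in proxy_tcp_ports %}` blocks close outside this hunk.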