From e1d77f58d6d56f95d810f673cd3993a980beba00 Mon Sep 17 00:00:00 2001
From: Kevin Fenzi <kevin@scrye.com>
Date: Sat, 18 Jul 2020 16:25:45 -0700
Subject: [PATCH] base / iptables / staging: drop nat section in iptables

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
---
 roles/base/templates/iptables/iptables.staging | 14 --------------
 1 file changed, 14 deletions(-)

diff --git a/roles/base/templates/iptables/iptables.staging b/roles/base/templates/iptables/iptables.staging
index 1410f826ad..b1132b3da2 100644
--- a/roles/base/templates/iptables/iptables.staging
+++ b/roles/base/templates/iptables/iptables.staging
@@ -1,18 +1,4 @@
 # {{ ansible_managed }}
-*nat
-:PREROUTING ACCEPT []
-:POSTROUTING ACCEPT []
-:OUTPUT ACCEPT []
-
-# Redirect staging attempts to talk to the external proxy to an internal ip.
-# This is primarily for openid in staging which needs to get around proxy
-# redirects.
-{% if 'cloud.' not in inventory_hostname and 'aws.fedoraproject.org' not in inventory_hostname %}
--A OUTPUT -d 209.132.181.5 -j DNAT --to-destination 10.5.128.177
-{% endif %}
-
-COMMIT
-
 *filter
 :INPUT ACCEPT [0:0]
 :FORWARD ACCEPT [0:0]