16 lines
563 B
Plaintext
16 lines
563 B
Plaintext
@def $git_ip4 = @resolve(git, A);
|
|
@def $git_ip6 = @resolve(git, AAAA);
|
|
@def $web_ip4 = @resolve(web, A);
|
|
@def $web_ip6 = @resolve(web, AAAA);
|
|
# git.higgsboson.tk points to web
|
|
# therefore DNAT port ssh back to git
|
|
domain (ip ip6) table nat chain PREROUTING daddr @ipfilter(($web_ip4 $web_ip6)) proto tcp dport ssh DNAT to @ipfilter(($git_ip4 $git_ip6));
|
|
|
|
&def_service(git, git, tcp, 9000);
|
|
&allow_service_for(git, web);
|
|
&allow_service_for(postgres, git);
|
|
&allow_service_for(ldap, git);
|
|
|
|
&def_service(git-ssh, git, tcp, 22);
|
|
&forward_to_service(git-ssh, tcp, 22);
|