diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix
index 313a18a9c..34d81f099 100644
--- a/lass/1systems/prism.nix
+++ b/lass/1systems/prism.nix
@@ -252,6 +252,12 @@ in {
         origin.ref = "heads/nin";
         mirror.url = "git@${config.networking.hostName}:stockholm";
       };
+      krebs.iptables.tables.nat.PREROUTING.rules = [
+        { v6 = false; precedence = 1000; predicate = "-d 213.239.205.240 -p tcp --dport 1337"; target = "DNAT --to-destination 192.168.122.24:22"; }
+      ];
+      krebs.iptables.tables.filter.FORWARD.rules = [
+        { v6 = false; precedence = 1000; predicate = "-d 192.168.122.24 -p tcp --dport 22 -m state --state NEW,ESTABLISHED,RELATED"; target = "ACCEPT"; }
+      ];
     }
   ];