From c3be272e9b699033437a34c37feecd7775c84046 Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Sat, 21 Jan 2017 18:37:48 +0100
Subject: [PATCH] l 1 prism: forward 1337 to onondaga

---
 lass/1systems/prism.nix | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix
index 313a18a9c..34d81f099 100644
--- a/lass/1systems/prism.nix
+++ b/lass/1systems/prism.nix
@@ -252,6 +252,12 @@ in {
         origin.ref = "heads/nin";
         mirror.url = "git@${config.networking.hostName}:stockholm";
       };
+      krebs.iptables.tables.nat.PREROUTING.rules = [
+        { v6 = false; precedence = 1000; predicate = "-d 213.239.205.240 -p tcp --dport 1337"; target = "DNAT --to-destination 192.168.122.24:22"; }
+      ];
+      krebs.iptables.tables.filter.FORWARD.rules = [
+        { v6 = false; precedence = 1000; predicate = "-d 192.168.122.24 -p tcp --dport 22 -m state --state NEW,ESTABLISHED,RELATED"; target = "ACCEPT"; }
+      ];
     }
   ];