From eecc0daae4d78c7998a89f667cfd498780504c25 Mon Sep 17 00:00:00 2001
From: Mark Wooding <mdw@distorted.org.uk>
Date: Fri, 19 Apr 2013 15:17:29 +0100
Subject: [PATCH] mango.m4: Reverse NAT into the main network.

Allow access to internal web proxy and so on.
---
 mango.m4 | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/mango.m4 b/mango.m4
index 7c506f9..8f5874b 100644
--- a/mango.m4
+++ b/mango.m4
@@ -48,5 +48,13 @@ run iptables -t nat -X
 run iptables -t nat -A POSTROUTING -j SNAT --to-source 10.165.27.3 \
 	-s 172.29.198.0/23 -d 10.165.27.0/24 -o eth0
 
+clearchain nat:portfwd
+run iptables -t nat -A portfwd -j DNAT \
+	-p tcp --dport 3128 --to-destination 172.29.199.228
+for c in OUTPUT PREROUTING; do
+  run iptables -t nat -A $c -j portfwd \
+	-s 10.165.27.0/24 -d 10.165.27.3
+done
+
 m4_divert(-1)
 ###----- That's all, folks --------------------------------------------------
-- 
2.11.0