From f2ddfcc9a3ba9e9c6a7b392dab0f661aef4ca358 Mon Sep 17 00:00:00 2001
From: Hugo Levy-Falk <hugo.levy-falk@supelec.fr>
Date: Sat, 14 Sep 2019 19:50:06 +0200
Subject: [PATCH] prerezotage can speak to intranet.

---
 archi.nft             | 1 +
 zones/prerezotage.nft | 4 +++-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/archi.nft b/archi.nft
index 2e7a250..0c77b27 100644
--- a/archi.nft
+++ b/archi.nft
@@ -12,6 +12,7 @@ define if_dmz = "bond0.13"
 # Ips
 define comnpay = 46.255.53.0/24
 define website = 193.48.225.242
+define external_dns = 80.67.188.188
 define intranet = 193.48.225.247
 define bounce_server = 193.48.225.247
 
diff --git a/zones/prerezotage.nft b/zones/prerezotage.nft
index cf02a90..36ed4f9 100644
--- a/zones/prerezotage.nft
+++ b/zones/prerezotage.nft
@@ -7,7 +7,9 @@ table inet firewall {
 		flags interval
 		elements = {
 			$comnpay,
-			$website
+			$website,
+			$external_dns,
+			$intranet
 		}
 	}