From 5cd6516d2130ccd3ae63740cfa702ae5257c9d50 Mon Sep 17 00:00:00 2001
From: anthony
Date: Mon, 9 Jul 2012 18:29:49 -0700
Subject: [PATCH] CS-15506 : allow traffic going out domr in FORWARD chain
---
 patches/systemvm/debian/config/opt/cloud/bin/vpc_snat.sh | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/patches/systemvm/debian/config/opt/cloud/bin/vpc_snat.sh b/patches/systemvm/debian/config/opt/cloud/bin/vpc_snat.sh
index 0fe803ed8ab..ff88354dc49 100755
--- a/patches/systemvm/debian/config/opt/cloud/bin/vpc_snat.sh
+++ b/patches/systemvm/debian/config/opt/cloud/bin/vpc_snat.sh
@@ -15,6 +15,7 @@
 # @VERSION@
 source /root/func.sh
+source /opt/cloud/bin/vpc_func.sh
 lock="biglock"
 locked=$(getLockFile $lock)
@@ -31,6 +32,9 @@ usage() {
 add_snat() {
 logger -t cloud "$(basename $0):Added SourceNAT $pubIp on interface $ethDev"
+ vpccidr=$(getVPCcidr)
+ sudo iptables -D FORWARD -s $vpccidr ! -d $vpccidr -j ACCEPT
+ sudo iptables -A FORWARD -s $vpccidr ! -d $vpccidr -j ACCEPT
 sudo iptables -t nat -D POSTROUTING -j SNAT -o $ethDev --to-source $pubIp
 sudo iptables -t nat -A POSTROUTING -j SNAT -o $ethDev --to-source $pubIp
 return $?
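Review bot: The new FORWARD rule in add_snat matches on source address alone, so it accepts any forwarded packet whose source claims to be inside `$vpccidr`, whatever interface it arrived on or leaves by; if egress is only meant to leave through the SNAT interface, adding `-o $ethDev` (as the POSTROUTING rule just below does) keeps the ACCEPT as narrow as the NAT it supports. `$vpccidr` is also used unquoted and unchecked: getVPCcidr comes from vpc_func.sh, sourced in the first hunk and not shown here, and if it prints nothing both iptables calls are malformed and their failure goes unseen, because `return $?` reports only the last POSTROUTING command. A guard such as `[ -n "$vpccidr" ] || return 1` ahead of the rules, with `"$vpccidr"` quoted in both, would surface that case. Nothing visible in this diff removes the FORWARD rule again, so it is worth confirming that the teardown path deletes it; add_snat's body continues past the end of the hunk.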