From 9b1d0a7054b83b7b00d819012e8f2e82ef99f059 Mon Sep 17 00:00:00 2001
From: Kelven Yang <kelven@cloud.com>
Date: Mon, 8 Nov 2010 14:57:40 -0800
Subject: [PATCH] allow cross-forwarding of traffic between private/public
 interface in domR

---
 patches/systemvm/debian/config/etc/iptables/iptables-router | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/patches/systemvm/debian/config/etc/iptables/iptables-router b/patches/systemvm/debian/config/etc/iptables/iptables-router
index 3bc7b50f74a..3cd069a04c0 100644
--- a/patches/systemvm/debian/config/etc/iptables/iptables-router
+++ b/patches/systemvm/debian/config/etc/iptables/iptables-router
@@ -19,6 +19,8 @@ COMMIT
 -A INPUT -i eth0 -p tcp -m state --state NEW --dport 80 -j ACCEPT
 -A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
 -A FORWARD -i eth0 -o eth2 -j ACCEPT
+-A FORWARD -i eth1 -o eth2 -j ACCEPT
 -A FORWARD -i eth2 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
+-A FORWARD -i eth2 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
 COMMIT