From c4cd4626cac9520d7cb799be84191cd970000261 Mon Sep 17 00:00:00 2001
From: Jayapal <jayapal@apache.org>
Date: Mon, 7 Sep 2015 16:01:57 +0530
Subject: [PATCH] CLOUDSTACK-8690: Updated the iptables order

---
 systemvm/patches/debian/config/opt/cloud/bin/configure.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/systemvm/patches/debian/config/opt/cloud/bin/configure.py b/systemvm/patches/debian/config/opt/cloud/bin/configure.py
index 3c7e972afe0..34e92d47309 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/configure.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/configure.py
@@ -644,10 +644,10 @@ class CsRemoteAccessVpn(CsDataBag):
             return
 
         self.fw.append(["mangle", "","-N  VPN_%s " %publicip])
-        self.fw.append(["mangle", "","-I PREROUTING  -d %s -j VPN_%s " % (publicip, publicip)])
-        self.fw.append(["mangle", "","-A VPN_%s -p ah  -j ACCEPT " % publicip])
-        self.fw.append(["mangle", "","-A VPN_%s -p esp  -j ACCEPT " % publicip])
         self.fw.append(["mangle", "","-A VPN_%s -j RETURN " % publicip])
+        self.fw.append(["mangle", "","-I VPN_%s -p ah  -j ACCEPT " % publicip])
+        self.fw.append(["mangle", "","-I VPN_%s -p esp  -j ACCEPT " % publicip])
+        self.fw.append(["mangle", "","-I PREROUTING  -d %s -j VPN_%s " % (publicip, publicip)])
 
 
 class CsForwardingRules(CsDataBag):