From f21b90a73ec1124e51fc5565efa5c9ea3c984ec9 Mon Sep 17 00:00:00 2001
From: Hugo Trippaers <htrippaers@schubergphilis.com>
Date: Fri, 22 Aug 2014 16:40:55 +0200
Subject: [PATCH] Add missing sourcenat rule

---
 systemvm/patches/debian/config/opt/cloud/bin/configure.py | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/systemvm/patches/debian/config/opt/cloud/bin/configure.py b/systemvm/patches/debian/config/opt/cloud/bin/configure.py
index 1e776f44644..fd10b51eb6b 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/configure.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/configure.py
@@ -409,6 +409,11 @@ class CsIP:
             pwdsvc = CsPasswdSvc(self).setup()
         elif self.get_type() == "public":
             if self.address["source_nat"] == True:
+                cmdline = CsDataBag("cmdline")
+                dbag = cmdline.get_bag()
+                # FIXME way to VPC specific
+                vpccidr = dbag["config"]["vpccidr"]
+                fw.append(["filter", "", "-A FORWARD -s %s ! -d %s -j ACCEPT" % (vpccidr, vpccidr)])
                 fw.append(["nat","","-A POSTROUTING -j SNAT -o %s --to-source %s" % (self.dev, self.address['public_ip'])])
         route.flush()