the normal table contaings a drop rule and so the mac table would
never be reached. Still need to check if input is necessary.
/sbin/iptables -t nat -A POSTROUTING -j IPSECNAT
# Outgoing Firewall
/sbin/iptables -t nat -A POSTROUTING -j IPSECNAT
# Outgoing Firewall
- /sbin/iptables -A FORWARD -j OUTGOINGFW
/sbin/iptables -A FORWARD -j OUTGOINGFWMAC
/sbin/iptables -A FORWARD -j OUTGOINGFWMAC
- /sbin/iptables -A INPUT -j OUTGOINGFWMAC
+ /sbin/iptables -A FORWARD -j OUTGOINGFW
# localhost and ethernet.
/sbin/iptables -A INPUT -i lo -m state --state NEW -j ACCEPT
# localhost and ethernet.
/sbin/iptables -A INPUT -i lo -m state --state NEW -j ACCEPT