Open SuSEfirewall2 FORWARD rule when use xen nat

Index: xen-4.1.0-testing/tools/hotplug/Linux/network-nat
===================================================================
--- xen-4.1.0-testing.orig/tools/hotplug/Linux/network-nat
+++ xen-4.1.0-testing/tools/hotplug/Linux/network-nat
@@ -83,6 +83,7 @@ function dhcp_stop()
 op_start() {
 	echo 1 >/proc/sys/net/ipv4/ip_forward
 	iptables -t nat -A POSTROUTING -o ${netdev} -j MASQUERADE
+	iptables -P FORWARD ACCEPT
         [ "$dhcp" != 'no' ] && dhcp_start
 }
 
@@ -90,6 +91,7 @@ op_start() {
 op_stop() {
         [ "$dhcp" != 'no' ] && dhcp_stop
 	iptables -t nat -D POSTROUTING -o ${netdev} -j MASQUERADE
+	iptables -P FORWARD DROP
 }