xen/network-nat-open-SuSEfirewall2-FORWARD.patch

Open SuSEfirewall2 FORWARD rule when use xen nat

Index: xen-3.4.1-testing/tools/hotplug/Linux/network-nat
===================================================================
--- xen-3.4.1-testing.orig/tools/hotplug/Linux/network-nat
+++ xen-3.4.1-testing/tools/hotplug/Linux/network-nat
@@ -82,6 +82,7 @@ function dhcp_stop()
 op_start() {
 	echo 1 >/proc/sys/net/ipv4/ip_forward
 	iptables -t nat -A POSTROUTING -o ${netdev} -j MASQUERADE
+	iptables -P FORWARD ACCEPT
         [ "$dhcp" != 'no' ] && dhcp_start
 }
 
@@ -89,6 +90,7 @@ op_start() {
 op_stop() {
         [ "$dhcp" != 'no' ] && dhcp_stop
 	iptables -t nat -D POSTROUTING -o ${netdev} -j MASQUERADE
+	iptables -P FORWARD DROP
 }