Get rid of /sbin/iptables from qubes_core in netvm

netvm/iptables

@@ -1,13 +1,15 @@
-# Generated by iptables-save v1.4.5 on Thu May 20 06:02:32 2010
+# Generated by iptables-save v1.4.5 on Fri Jun  4 07:17:12 2010
 *nat
-:PREROUTING ACCEPT [2:362]
-:POSTROUTING ACCEPT [4:228]
+:PREROUTING ACCEPT [8:818]
+:POSTROUTING ACCEPT [1:84]
 :OUTPUT ACCEPT [0:0]
+-A POSTROUTING -o br+ -j ACCEPT
+-A POSTROUTING -j MASQUERADE
 COMMIT
-# Completed on Thu May 20 06:02:32 2010
-# Generated by iptables-save v1.4.5 on Thu May 20 06:02:32 2010
+# Completed on Fri Jun  4 07:17:12 2010
+# Generated by iptables-save v1.4.5 on Fri Jun  4 07:17:12 2010
 *filter
-:INPUT ACCEPT [3:84]
+:INPUT ACCEPT [168:4704]
 :FORWARD ACCEPT [0:0]
 :OUTPUT ACCEPT [0:0]
 -A INPUT -i br+ -p udp -m udp --dport 68 -j DROP
@@ -17,4 +19,4 @@ COMMIT
 -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
 -A FORWARD -j DROP
 COMMIT
-# Completed on Thu May 20 06:02:32 2010
+# Completed on Fri Jun  4 07:17:12 2010

netvm/qubes_core

@@ -35,8 +35,7 @@ start()
 #now done by iptables rc script
 #    iptables -t nat -A POSTROUTING -s $network/$netmask -j MASQUERADE
 #no, we cannot put ip-dependent stuff in sysconfig/iptables
-    iptables -t nat -A POSTROUTING -s $network/$netmask -d 224.0.0.0/8 -j ACCEPT	
-    iptables -t nat -A POSTROUTING -s $network/$netmask \! -d $network/$netmask -j MASQUERADE	
+#so make it ip-independent
 	success
 	echo ""
 	return 0