diff --git a/common/iptables b/common/iptables
index b2100ba..b80c19a 100644
--- a/common/iptables
+++ b/common/iptables
@@ -19,9 +19,9 @@ COMMIT
 -A INPUT -p icmp -j ACCEPT
 -A INPUT -i lo -j ACCEPT
 -A INPUT -j REJECT --reject-with icmp-host-prohibited
+-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
 -A FORWARD -i vif+ -o vif+ -j DROP
 -A FORWARD -i vif+ -j ACCEPT
--A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
 -A FORWARD -j DROP
 COMMIT
 # Completed on Mon Sep  6 08:57:46 2010