vm/network: really place anti-spoof rules in 'raw' table

This fixes commit: 4d68998 vm/network: place anti-spoof rules in 'raw' table
2012-03-08 14:56:39 +01:00 · 2012-03-08 14:56:39 +01:00 · 8a7906a016
commit 8a7906a016
parent a2afb6e054
1 changed files with 1 additions and 1 deletions
--- a/network/vif-route-qubes
+++ b/network/vif-route-qubes
@ -48,7 +48,7 @@ if [ "${ip}" ] ; then
 		${cmdprefix} ip route ${ipcmd} ${addr} dev ${vif} || true
 	done
 		echo ${cmdprefix} iptables -t raw $iptables_cmd -i ${vif} \! -s ${ip} -j DROP
-		${cmdprefix} iptables $iptables_cmd -i ${vif} \! -s ${ip} -j DROP
+		${cmdprefix} iptables -t raw $iptables_cmd -i ${vif} \! -s ${ip} -j DROP
 fi

 log debug "Successful vif-route-qubes $command for $vif."