From 7b1d7069c036ae454f450420908acec1489ed6e7 Mon Sep 17 00:00:00 2001
From: "bruns@2mbit.com" <bruns@2mbit.com@e5899ace-8841-11de-95b9-8f387cfb8bc3>
Date: Tue, 22 Jun 2010 05:25:21 +0000
Subject: [PATCH]

---
 rc.firewall | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/rc.firewall b/rc.firewall
index 8a7c109..1c8d109 100755
--- a/rc.firewall
+++ b/rc.firewall
@@ -102,7 +102,7 @@ if [ "$BLOCKTCPPORTS" ] || [ "$BLOCKUDPPORTS" ]; then
 			$IPTABLES -A OUTPUT -p tcp --dport $i --syn -j DROP
 			if [ "$NATRANGE" ]; then
 				for i in $NATRANGE; do
-					$IPTABLES -A PREROUTING -t raw -p tcp -s $i --dport $i --syn -j DROP
+					$IPTABLES -A FORWARD -p tcp -s $i --dport $i --syn -j DROP
 				done
 			fi
 		done
@@ -113,7 +113,7 @@ if [ "$BLOCKTCPPORTS" ] || [ "$BLOCKUDPPORTS" ]; then
 			$IPTABLES -A OUTPUT -p udp --dport $i -j DROP
 			if [ "$NATRANGE" ]; then
 				for i in $NATRANGE; do
-					$IPTABLES -A PREROUTING -t raw -p udp -s $i --dport $i -j DROP
+					$IPTABLES -A FORWARD -p udp -s $i --dport $i -j DROP
 				done
 			fi
 		done