Bug 127994

Description of problem:
=======================
Using the Security Level helper application there is no means of
specifying packet forwarding between eth0(inside net) and
eth1(external net).  In addition, when /proc/sys/net../ip_forward is
set to '1', and ECN is disabled, forwarding does not occur unless
firewall is disabled and this custom script is used instead shown at
bottom.  Have also modified sysctl.conf to '1' as well to allow for
forwarding.  Did I miss anything??

Version-Release number of selected component (if applicable): Fedora
Core 2 - updated on all RPMS's.

How reproducible:  May be difficult?
=================
Steps to Reproduce:
===================
1. Set eth0 to 10.0.0.100, set eth1 to and external ip.
2. Echo 1 > /proc/sys/net/ipv4/ip_forward
3. Modify sysctl.conf changing ip_forwarding to '1' from '0'.
4. Sysctl -p, reboot.
5. Have tried to customize the /etc/sysconfig/iptables.conf generated
by the Security Level helper app and had no progress.  

Actual results: Forwarding does not occur.

Expected results:

Additional info: 
================
This is the only means of getting forwarding going quickly without
spending gobs of time trying to tweak ip_tables.conf.
*-<add snip>---------------------------------------------------------
#!/bin/bash
#
# chkconfig: 2345 08 92
# description:	Starts my custom ip_forwarding. 
#
# config: /etc/sysconfig/iptables
# config: /etc/sysconfig/iptables-config
echo "1" > /proc/sys/net/ipv4/ip_forward
ipt=/sbin/iptables
# Change this value to your EXTERNAL interface
ext=eth1
# Set policies
$ipt -P INPUT ACCEPT
$ipt -P FORWARD ACCEPT
$ipt -P OUTPUT ACCEPT
# Delete table rules, chains and counters
for table in filter nat mangle
do
$ipt -t $table -F # flush
$ipt -t $table -X # delete
$ipt -t $table -Z # zero
done
$ipt -t nat -A POSTROUTING -o $ext -j MASQUERADE
*--------------------------------------------------------------------