iptables \ --table filter \ --insert INPUT \ --in-interface virbr0 \ --protocol tcp \ --destination-port 67 \ --jump ACCEPT iptables \ --table filter \ --insert INPUT \ --in-interface virbr0 \ --protocol udp \ --destination-port 67 \ --jump ACCEPT iptables \ --table filter \ --insert OUTPUT \ --out-interface virbr0 \ --protocol udp \ --destination-port 68 \ --jump ACCEPT iptables \ --table filter \ --insert INPUT \ --in-interface virbr0 \ --protocol tcp \ --destination-port 53 \ --jump ACCEPT iptables \ --table filter \ --insert INPUT \ --in-interface virbr0 \ --protocol udp \ --destination-port 53 \ --jump ACCEPT iptables \ --table filter \ --insert FORWARD \ --in-interface virbr0 \ --jump REJECT iptables \ --table filter \ --insert FORWARD \ --out-interface virbr0 \ --jump REJECT iptables \ --table filter \ --insert FORWARD \ --in-interface virbr0 \ --out-interface virbr0 \ --jump ACCEPT iptables \ --table filter \ --insert FORWARD \ --source 192.168.122.0/24 \ --in-interface virbr0 \ --jump ACCEPT iptables \ --table filter \ --insert FORWARD \ --destination 192.168.122.0/24 \ --out-interface virbr0 \ --match conntrack \ --ctstate ESTABLISHED,RELATED \ --jump ACCEPT iptables \ --table nat \ --insert POSTROUTING \ --source 192.168.122.0/24 '!' \ --destination 192.168.122.0/24 \ --jump MASQUERADE iptables \ --table nat \ --insert POSTROUTING \ --source 192.168.122.0/24 \ -p udp '!' \ --destination 192.168.122.0/24 \ --jump MASQUERADE \ --to-ports 1024-65535 iptables \ --table nat \ --insert POSTROUTING \ --source 192.168.122.0/24 \ -p tcp '!' \ --destination 192.168.122.0/24 \ --jump MASQUERADE \ --to-ports 1024-65535 iptables \ --table nat \ --insert POSTROUTING \ --source 192.168.122.0/24 \ --destination 255.255.255.255/32 \ --jump RETURN iptables \ --table nat \ --insert POSTROUTING \ --source 192.168.122.0/24 \ --destination 224.0.0.0/24 \ --jump RETURN iptables \ --table mangle \ --insert POSTROUTING \ --out-interface virbr0 \ --protocol udp \ --destination-port 68 \ --jump CHECKSUM \ --checksum-fill