Comment 5 for bug 579868

Please disregard the previous command. Looking again, it seems like the iptables rules eucalyptus-cc set up are sufficient to NAT connection from NC to the outside world, so the private NC network topology is not made impossible by this bug.

Still, iptables-preload sounds like a useful feature. It's a bummer it does not work on UEC due to /var/run being a tmpfs. We should change the location of the iptables-preload file so that it persist through reboot. Perhaps there is a compile-time option for this? Otherwise, I guess we could patch the path wherever it is hard-coded in the source.