iptables -t nat -F
nic #
 iptables -F
nic #
 # to ensure no packets sneak through a %pass shunt, drop them on nic
nic #
 iptables -I FORWARD -s 0.0.0.0/0 -d 0.0.0.0/0 -p icmp -j DROP
nic #
