* Install iptables-services on router, then enable and start the service (same as you did in OPS245).
** Notice that the default rules are the same as the ones you've seen in OPS245 in CentOS. These rules are evaluated ''after'' the incoming traffic makes it past the rules in ops345routersg. [[File:AWSVPCandiptables.png|border|center]]
== Port forwarding SSH ==