Default GW via SNAT and NOT MASq

I did find it, It is an MOD and this shoeld only be done if you know yr stuff. I do not like this, althow clearly the intended method by the author, It is messy and non-elegant. I would of liked to see an setting in the bastille-firewall.cfg file asking to SNAT or MASq

vi /sbin/bastille-netfilter or edit /sbin/bastille-netfilter
remark the line Around line 390-391
# ${IPTABLES} -t nat -A POSTROUTING -s ${net} -o ${pub} -j MASQUERADE
# ${IPTABLES} -A FORWARD -s ${net} -o ${pub} -j ACCEPT
Around line 397 Remove the # (uncomment it)

What is great is that the DEFAULT_GW_IFACE is self-detected and come from your interface set-up.

