I created a new row in the db w/NULL ihfProtocol. The iptables rule ended up checking for udp, instead of all protocols.
