Actually, it's fairly straightforward now compared to what it's been in the past for Linux. Forwarding of packets across interfaces is disabled by default, and to turn it on you have to do one of two things to files under /proc...
Either enable packet forwarding globally across all interfaces by stuffing a 1 into /proc/sys/net/ipv4/ip_forward (or /proc/sys/net/ipv4/conf/all/forwarding, changes made to either seem to affect both), in which case all NEW interfaces will have forwarding on by default (which is why this approach is non-optimal from a security standpoint), or...
Enable packet forwarding on an interface by interface basis by stuffing a 1 into /proc/sys/net/ipv4/conf/$IFNAME/forwarding.
(Where $IFNAME is the name of the interface you wish to alter, for those who might be reading this but aren't so quick to spot implied shell substitutions)
I'll do some digging and exploring with start_fn() and stop_fn() over the weekend and see how well it works out, although for this, I don't think stop_fn() will have to be used, since the interfaces seem to go back to default settings when they are destroyed and recreated (but I haven't seen anything in documentation claiming that this is something intentional and unlikely to change, yet).