Re: IP-routing fails after upgrade F33->F34

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 06/05/2021 22:16, Jouk wrote:

Still got a problem when trying to set forwarding on zone FedoraWorkstation, whikle the command on zone home gives success:

[root@foxtrot ~]# firewall-cmd --zone=home --add-forward
success
[root@foxtrot ~]# firewall-cmd --zone=FedoraWorkstation --add-forward
Error: COMMAND_FAILED: 'python-nftables' failed:
JSON blob:
{"nftables": [{"metainfo": {"json_schema_version": 1}}, {"add": {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDI_FedoraWorkstation_allow", "expr": [{"match": {"left": {"meta": {"key": "oifname"}}, "op": "==", "right": "enp0s25"}}, {"accept": null}]}}}, {"add": {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDI_FedoraWorkstation_allow", "expr": [{"match": {"left": {"meta": {"key": "oifname"}}, "op": "==", "right": "tun0"}}, {"accept": null}]}}}]}



what I want is that the machine act as a router between the outside world (connected to enp0s25) and the local net work 1-0.9.9.x (connected to tun0). so that incomping packages for the 10.9.9.x network on from the outside world reach the machine on the local ndetwork via this machine.


In your original post you showed:

FedoraWorkstation (active)
  target: default
  icmp-block-inversion: no
  interfaces: enp0s25 tun0
  sources:

So, both your interfaces are in the FedoraWorkstation zone.  So, it makes no
sense to me to --add-forward to the home zone.  I read it that the
--add-forward is for intra zone forwarding.  With no interfaces in the home
zone there is nothing to forward.


--
Remind me to ignore comments which aren't germane to the thread.

_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux