On 06/05/2021 22:16, Jouk wrote:
Still got a problem when trying to set forwarding on zone FedoraWorkstation, whikle the command on zone home gives success: [root@foxtrot ~]# firewall-cmd --zone=home --add-forward success [root@foxtrot ~]# firewall-cmd --zone=FedoraWorkstation --add-forward Error: COMMAND_FAILED: 'python-nftables' failed: JSON blob: {"nftables": [{"metainfo": {"json_schema_version": 1}}, {"add": {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDI_FedoraWorkstation_allow", "expr": [{"match": {"left": {"meta": {"key": "oifname"}}, "op": "==", "right": "enp0s25"}}, {"accept": null}]}}}, {"add": {"rule": {"family": "inet", "table": "firewalld", "chain": "filter_FWDI_FedoraWorkstation_allow", "expr": [{"match": {"left": {"meta": {"key": "oifname"}}, "op": "==", "right": "tun0"}}, {"accept": null}]}}}]} what I want is that the machine act as a router between the outside world (connected to enp0s25) and the local net work 1-0.9.9.x (connected to tun0). so that incomping packages for the 10.9.9.x network on from the outside world reach the machine on the local ndetwork via this machine.
In your original post you showed: FedoraWorkstation (active) target: default icmp-block-inversion: no interfaces: enp0s25 tun0 sources: So, both your interfaces are in the FedoraWorkstation zone. So, it makes no sense to me to --add-forward to the home zone. I read it that the --add-forward is for intra zone forwarding. With no interfaces in the home zone there is nothing to forward. -- Remind me to ignore comments which aren't germane to the thread. _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure