Jouk Jansen
2021-05-04 12:33:52 UTC
Hi All,
I'm using one of my Fedora machines as a router between 2 networks. The two
network devices on the machine are called enp0s25 and tun0. On F33 it worked
as expected. However, after an upgrade to F34 It looks like it does not work
anymore.
I tried to give the commands
firewall-cmd [--permanent] --direct --add-rule ipv4 filter FORWARD 0 -o enp0s25 -i tun0 -j ACCEPT
firewall-cmd [--permanent] --direct --add-rule ipv4 filter FORWARD 0 -i enp0s25 -o tun0 -j ACCEPT
But had no success (not even after restarting firewalld).
"firewall-cmd --list-all" gives the following:
FedoraWorkstation (active)
target: default
icmp-block-inversion: no
interfaces: enp0s25 tun0
sources:
services: dhcpv6-client mountd nfs rpc-bind samba-client ssh telnet
ports: 1025-65535/tcp 1025-65535/udp
protocols:
forward: no
masquerade: yes
forward-ports:
source-ports:
icmp-blocks:
rich rules:
The strange thing is that "forward" is always "no". (also the masquerade is
always "no" after restarting firewalld, although it is set with --permanent,
but can be set in run-time)
the forwarding variable is defined:
net.ipv4.conf.all.forwarding = 1
Can someone give me some hints on what I'm missing?
Regards
Jouk
Pax, vel iniusta, utilior est quam iustissimum bellum.
(free after Marcus Tullius Cicero (106 b.Chr.-46 b.Chr.)
Epistularum ad Atticum 7.1.4.3)
Touch not the cat bot a glove
***@hrem.nano.tudelft.nl
Technische Universiteit Delft tttttttttt uu uu ddddddd
Kavli Institute of Nanoscience tttttttttt uu uu dd dd
Nationaal centrum voor HREM tt uu uu dd dd
Lorentzweg 1 tt uu uu dd dd
2628 CJ Delft tt uu uu dd dd
Nederland tt uu uu dd dd
tel. 31-15-2782272 tt uuuuuuu ddddddd
users mailing list -- ***@lists.fedoraproject.org
To unsubscribe send an email to users-***@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/***@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.i
I'm using one of my Fedora machines as a router between 2 networks. The two
network devices on the machine are called enp0s25 and tun0. On F33 it worked
as expected. However, after an upgrade to F34 It looks like it does not work
anymore.
I tried to give the commands
firewall-cmd [--permanent] --direct --add-rule ipv4 filter FORWARD 0 -o enp0s25 -i tun0 -j ACCEPT
firewall-cmd [--permanent] --direct --add-rule ipv4 filter FORWARD 0 -i enp0s25 -o tun0 -j ACCEPT
But had no success (not even after restarting firewalld).
"firewall-cmd --list-all" gives the following:
FedoraWorkstation (active)
target: default
icmp-block-inversion: no
interfaces: enp0s25 tun0
sources:
services: dhcpv6-client mountd nfs rpc-bind samba-client ssh telnet
ports: 1025-65535/tcp 1025-65535/udp
protocols:
forward: no
masquerade: yes
forward-ports:
source-ports:
icmp-blocks:
rich rules:
The strange thing is that "forward" is always "no". (also the masquerade is
always "no" after restarting firewalld, although it is set with --permanent,
but can be set in run-time)
the forwarding variable is defined:
net.ipv4.conf.all.forwarding = 1
Can someone give me some hints on what I'm missing?
Regards
Jouk
Pax, vel iniusta, utilior est quam iustissimum bellum.
(free after Marcus Tullius Cicero (106 b.Chr.-46 b.Chr.)
Epistularum ad Atticum 7.1.4.3)
Touch not the cat bot a glove
------------------------------------------------------------------------------<
Jouk Jansen***@hrem.nano.tudelft.nl
Technische Universiteit Delft tttttttttt uu uu ddddddd
Kavli Institute of Nanoscience tttttttttt uu uu dd dd
Nationaal centrum voor HREM tt uu uu dd dd
Lorentzweg 1 tt uu uu dd dd
2628 CJ Delft tt uu uu dd dd
Nederland tt uu uu dd dd
tel. 31-15-2782272 tt uuuuuuu ddddddd
------------------------------------------------------------------------------<
_______________________________________________users mailing list -- ***@lists.fedoraproject.org
To unsubscribe send an email to users-***@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/***@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.i