Dear Maintainer, I have struggled with this for a few days. It is not a bug, but an incompatible change in Firewalld since Bullseye. Default policy is now not to allow forwarding between zones. Policy needs to be set manually. For example:
firewall-cmd --permanent --new-policy allowForward firewall-cmd --permanent --policy allowForward --set-target ACCEPT firewall-cmd --permanent --policy allowForward --add-ingress-zone internal firewall-cmd --permanent --policy allowForward --add-egress-zone external firewall-cmd --reload See https://firewalld.org/2020/09/policy-objects-introduction and Firewalld Git Bug #866 and #917. Trust that helps. Andrew
