All, I have two network interfaces on my PC and I want to route the stub interface to the internet facing interface and perform Masquerading. My Internet facing NIC is set to use zone drop and my inside facing zone is set to use zone trusted.
# enable routing echo 1 > /proc/sys/net/ipv4/ip_forward # verify IP forwarding is enabled. cat /proc/sys/net/ipv4/ip_forward 1 # Configure Masquerade zone firewall-cmd --zone=drop --add-masquerade --permanent firewall-cmd --reload # check masquerade configuration firewall-cmd --zone=drop --query-masquerade yes # Ping Test Internet facing NIC. ping -4 www.google.com 6 packets transmitted, 6 received, 0% packet loss, time 5008ms # Ping test internal facing NIC. ping -4I enx0000000011f1 www.google.com 23 packets transmitted, 0 received, 100% packet loss, time 22532ms When sourcing from the internal NIC the ping fails which leads me to believe Masquerade is not working. Am I missing something? Tim -- ⢀⣴⠾⠻⢶⣦⠀ ⣾⠁⢠⠒⠀⣿⡁ Debian - The universal operating system ⢿⡄⠘⠷⠚⠋⠀ https://www.debian.org/ ⠈⠳⣄⠀⠀
