My wireless router recently stopped working through my wired hub, so my firewall machine now has the wired hub on one interface and the wireless router on another, both in the Internal zone, and everyone's happy, except they can't talk to each other. Nothing on the wifi can see any wired devices, and more problematically, no wired computers can detect or talk to the wireless printers.
So far, I've been fixing this with:
nft insert rule inet firewalld filter_FWDI_internal oifname "enp6s0" accept
nft insert rule inet firewalld filter_FWDI_internal oifname "enp9s0" accept
... but I have to do that again every time I lose power. I don't see an analogous feature in firewalld, even in direct rules. Am I missing something, or should I just script that somewhere to run after firewalld is up?
Or is there a better way that I've missed? I mean, besides replacing the wonky router?
-- Dave Noelle, dave@straylight.org
On Tue, Jun 13, 2023 at 7:51 AM David Andrew Michael Noelle <dave@straylight.org> wrote:
> My wireless router recently stopped working through my wired hub, so my firewall machine now has the wired hub on one interface and the wireless router on another, both in the Internal zone, and everyone's happy, except they can't talk to each other. Nothing on the wifi can see any wired devices, and more problematically, no wired computers can detect or talk to the wireless printers.
> So far, I've been fixing this with:
> nft insert rule inet firewalld filter_FWDI_internal oifname "enp6s0" accept
> nft insert rule inet firewalld filter_FWDI_internal oifname "enp9s0" accept
> ... but I have to do that again every time I lose power. I don't see an analogous feature in firewalld, even in direct rules. Am I missing something, or should I just script that somewhere to run after firewalld is up?
> Or is there a better way that I've missed? I mean, besides replacing the wonky router?
Intrazone forwarding should be default today
firewalld-users@lists.fedorahosted.org
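An added example, not part of the thread or of firewalld's own code: intra-zone forwarding is recorded in a zone's permanent XML as a <forward/> element and is turned on with firewall-cmd --add-forward, so this script checks a zone file for that element and prints the persistent fix when it is missing. The sample zone XML and the helper function names are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Sample zone files below are constructed.

# Print "enabled" if the zone XML carries <forward/>, else "disabled".
zone_forward_state() {
    # Strip single-line XML comments so a commented-out tag does not count.
    if sed 's/<!--.*-->//g' "$1" | grep -Eq '<forward[[:space:]]*/>'; then
        echo enabled
    else
        echo disabled
    fi
}

# Print the interface names bound to the zone in its XML, space separated.
zone_interfaces() {
    sed -n 's/.*<interface[[:space:]]*name="\([^"]*\)".*/\1/p' "$1" | xargs
}

# Write a constructed internal.xml; $2 = yes adds the <forward/> element.
write_sample_zone() {
    {
        echo '<?xml version="1.0" encoding="utf-8"?>'
        echo '<zone>'
        echo '  <short>Internal</short>'
        echo '  <interface name="enp6s0"/>'
        echo '  <interface name="enp9s0"/>'
        if [ "$2" = yes ]; then echo '  <forward/>'; else echo '  <!-- <forward/> -->'; fi
        echo '</zone>'
    } > "$1"
}

# One-line verdict for a zone file, with the persistent fix when needed.
report_zone() {
    state=$(zone_forward_state "$1")
    ifaces=$(zone_interfaces "$1")
    if [ "$state" = enabled ]; then
        echo "forwarding enabled between: $ifaces"
    else
        echo "forwarding disabled between: $ifaces (fix: firewall-cmd --permanent --zone=internal --add-forward && firewall-cmd --reload)"
    fi
}

tmp=$(mktemp -d)
write_sample_zone "$tmp/old.xml" no
write_sample_zone "$tmp/new.xml" yes
report_zone "$tmp/old.xml"
report_zone "$tmp/new.xml"
rm -rf "$tmp"
```

On a real host the file to check is /etc/firewalld/zones/internal.xml, and interfaces assigned to the zone through NetworkManager may not be listed in it. Enabling forward permits all traffic between every interface and source in that zone, so keep only mutually trusted segments in the same zone.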