Hi,

I am asking for help. Unfortunately, after a few days of fighting firewalld, I can't do it.

Updated openSUSE server, where iptables was used previously. IPsec (strongSwan) running on the WAN (external). The server has 2 zones, external and internal:

external - the external IP address to which the IPsec client connects. External services: http / ssh. SSH for the IPsec client only.

internal - LAN; the IPsec client gets its address from the LAN pool.

I want the IPsec client to have access to www and ssh of this server as well as other hosts in the LAN network (all ports). ICMP works from the IPsec client to the server and other hosts on the LAN network. HTTP does not work on the server for the IPsec client. If I add the IP of the IPsec client to the Trusted zone, ssh access does not work.

I can't diagnose anything in this firewall; I don't see the iptables -L -v option that is helpful in iptables.

Backend: nftables.
firewalld-users@lists.fedorahosted.org