On 2020-05-17 07:01, Sam Varshavchik wrote:
The first thing that I noticed after updating my router to F32 is
that masquerading didn't seem to work. telnet to some public port 80 appears to be
blocked, traceroute dies, etc…
When I ran firewall-config, the masquerading checkbox was off, so I enabled it, but it
made no difference.
Poking around suggested that something more fundamental is broken, somewhere.
firewall-config itself seems to be showing my two interfaces:
wan0 (eno2)
Zone: FedoraServer
lan0 (eno1)
Zone: FedoraServer
This is correct, my ports, both in the zone. But firewall-cmd on the command line comes
back with this:
[root@shorty ~]# firewall-cmd --list-interfaces
[root@shorty ~]# firewall-cmd --get-active-zone
[root@shorty ~]#
Something seems to be broken in firewalld-land, but I don't know where to start
looking.
There is always /var/log/firewalld as a starting point.
Then, it is possible that now that nftables is default for firewalld instead of iptables
it may be an issue?
I see you responded to your own post.
Maybe falling back to iptables for the time being?
FirewallBackend=iptables
in your config file.
--
The key to getting good answers is to ask good questions.