On Wed, Jun 14, 2023 at 06:15:51PM -0400, A. F. Cano wrote: In this link previously supplied by James Valleroy: https://bugzilla.redhat.com/show_bug.cgi?id=2016864#c8 it says that to enable forwarding within the internal zone, all that is needed is:
sudo firewall-cmd --permanent --zone=internal --add-forward This failed to take the first time, but after a few tries, sudo firewall-cmd --permanent --list-all-zones shows internal (active) target: default icmp-block-inversion: no interfaces: enp2s0 enp3s0 sources: services: coturn-freedombox dhcp dhcpv6-client dns http https infinoted-plinth matrix-synapse-plinth mdns mumble-plinth privoxy samba-client ssh syncthing xmpp-bosh xmpp-client xmpp-server ports: protocols: forward: yes masquerade: no forward-ports: source-ports: icmp-blocks: rich rules: but I can't ssh from one internal subnet to the other. I get "Connection refused". ssh to/from either subnet from/to the FreedomBox works fine. THis is something I've been wanting to do for a long time, but so far no success. $ sudo firewall-cmd --get-active-zones external interfaces: enp1s0 internal interfaces: enp2s0 enp3s0 I should be able to ssh from machines connected to the different sub-nets. Any ideas, anyone? Augustine _______________________________________________ Freedombox-discuss mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/freedombox-discuss
