> On 7 Nov 2021, at 17:11, Sam Varshavchik <mr...@courier-mta.com> wrote: > > I wrote: > >> I upgraded a dual-homed server: one connection to the Internet, one >> connection to my LAN (all IPV4 connections): >> >> NAT is no longer working: >> >> $ traceroute 8.8.8.8 >> traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets >> 1 shorty.email-scan.com (192.168.0.1) 1.882 ms 1.818 ms 1.785 ms >> 2 shorty.email-scan.com (192.168.0.1) 1.732 ms !X 1.684 ms !X 1.631 ms !X >> $ telnet www.cnn.com 443 >> Trying 199.232.37.67… >> telnet: connect to address 199.232.37.67: No route to host >> Trying 2a04:4e42:46::323… >> telnet: connect to address 2a04:4e42:46::323: Network is unreachable >> >> >> firewall-config on 192.168.0.1 shows "Masquerade zone" enabled, as always. >> Where would the problem be? > > After some searching around I found multiple other people having the same > exact problem. > > https://forums.fedoraforum.org/showthread.php?327324-IP-Masquerade-NAT-not-working-in-Fedora-35 > > <https://forums.fedoraforum.org/showthread.php?327324-IP-Masquerade-NAT-not-working-in-Fedora-35> > > Not sure what in dickens happened here. How likely is that noone noticed this > before the release. It surely would've been a blocker? > > The suggested solution initially didn't work for me. By trial and error I > found an additional step that fixed my setup, noted in that thread. > > I don't see this listed under "Common Issues". I think it should be. > > Where is that "Forwarding" option visible in firewall-config? I can't find it.
Sam, Thanks for bring this to up. My Home router broke as well and the information in the fedora forum allowed me to fix it. I have 3 zones, internal (trusted in the house), external (to the ISP) and wg0 (wireguard VPN). The step that fixed my setup was to all a policy to allow internal to NAT out via external. The forum post from jag001 has the exact commands to run to setup firewalld. Now I can NAT to the internet. Next step for me is to check that wireguard is working. Barry > > _______________________________________________ > users mailing list -- users@lists.fedoraproject.org > To unsubscribe send an email to users-le...@lists.fedoraproject.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org > Do not reply to spam on the list, report it: > https://pagure.io/fedora-infrastructure
_______________________________________________ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
