firewalld's --add-masquerade option breaks ntpd, and other things. This has been documented in bug 1152472 as always reproducible, but nobody seems to care.

I do notice a masquerade clause in the documentation for firewalld's "rich language". I was wondering if --add-masquerade's breakage could be worked around by enabling masquerading only for my local LAN IP address range.

So I tried:

--remove-masquerade
--add-rich-language 'rule family="ipv4" source address="192.168.0.0/24" masquerade'

This doesn't appear to make any difference. Traceroutes from the LAN to globally-routable IP addresses are blocked by the firewall.

Is there anything missing that needs to be done? The firewalld.language man page's description does not offer any clues.

-- 
users mailing list
users@lists.fedoraproject.org