8 Jul
2023
8 Jul
'23
04:42
On 08.07.2023 00:21, Marc Chamberlin via openSUSE Users wrote:
ipv4 nat PREROUTING 2 -d 111.111.111.112 -i eth0:novaExt -j DNAT --to-destination 192.168.10.210
Interface "eth0:novaExt" does not exist so this rule will never match. Besides, this is Déjà vu. I am pretty sure similar question was asked just recently (probably by you). To repeat - firewalld blocks traffic between interfaces in different zones by design. To configure forwarding between zones you must use policies. Any direct rule you add just tells where to send the packet; whether sending of this packet in this direction is permitted at all is not changed.