Hi,
If this was native nft or iptables it would be just one line to fix it. But now I need to do this with firewalld, which doesn’t make it easier for me.
I have the following firewall block on the laptop (10.42.0.1, the pc is 10.42.0.2):
FINAL_REJECT: IN=enp0s31f6 OUT=wlp2s0 MAC= SRC=10.42.0.2 DST=9.9.9.9 LEN=64 TOS=0x00 PREC=0x00 TTL=63 ID=16989 DF PROTO=TCP SPT=35458 DPT=53 WINDOW=64240 RES=0x00 SYN URGP=0
I want to share an internet connection between a laptop (which has internet via wifi) and another computer that only has a UTP connection. So I connected a UTP cable between the laptop and pc. In network manager I selected “share connection with another computer” for the wired connection and boom, it worked. I could ping 8.8.8.8 from the pc. But other traffic is dropped, as seen above.
This is my firewalld config on the laptop:
firewall-cmd --list-all --zone=internal
internal (active)
  target: default
  icmp-block-inversion: no
  interfaces: enp0s31f6 wlp2s0
  sources:
  services: dhcpv6-client mdns samba-client ssh vnc-server
  ports:
  protocols:
  forward: no
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:
        rule family="ipv4" destination address="224.0.0.1" protocol value="igmp" accept
        rule family="ipv4" source address="10.42.0.0/24" accept
Both the wired and wifi connection are in the same zone, and I allow the 10.42.0.0/24 as a source. But it still is getting blocked. I have the feeling this is due to not allowing the interfaces to reach each other. Enabling forwarding in the zone didn’t change anything either. It’s set to disabled now again, since I can already ping 8.8.8.8.
Any advice?
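
Added example, not part of the original post: a small parser for netfilter log lines such as the FINAL_REJECT entry above, which classifies each packet by whether the kernel filled in IN= and OUT=. The function names and the second sample line are assumptions of this example.

```python
import re

# Log line copied from the post above.
SAMPLE = (
    "FINAL_REJECT: IN=enp0s31f6 OUT=wlp2s0 MAC= SRC=10.42.0.2 DST=9.9.9.9 "
    "LEN=64 TOS=0x00 PREC=0x00 TTL=63 ID=16989 DF PROTO=TCP SPT=35458 "
    "DPT=53 WINDOW=64240 RES=0x00 SYN URGP=0"
)
# Constructed line (not from the post): a packet addressed to the host itself.
CONSTRUCTED = "kernel: FINAL_REJECT: IN=wlp2s0 OUT= MAC= SRC=192.0.2.7 DST=192.0.2.1 PROTO=ICMP TYPE=8 CODE=0"

_START = re.compile(r"(\S+?):?\s+IN=")   # log prefix sits right before IN=
_PAIR = re.compile(r"(\w+)=(\S*)")       # KEY=value, value may be empty

def parse_nf_log(line):
    """Split a netfilter LOG line into log prefix, KEY=value fields, bare flags."""
    m = _START.search(line)
    prefix = m.group(1) if m else ""
    rest = line[m.end() - 3:] if m else line
    fields = dict(_PAIR.findall(rest))
    flags = [tok for tok in rest.split() if "=" not in tok]
    return prefix, fields, flags

def path_of(fields):
    """Classify by which interface fields the kernel filled in."""
    has_in, has_out = bool(fields.get("IN")), bool(fields.get("OUT"))
    if has_in and has_out:
        return "forwarded"   # routed from one interface to another
    if has_in:
        return "inbound"     # addressed to this host
    if has_out:
        return "outbound"    # generated by this host
    return "unknown"

def describe(line):
    prefix, f, flags = parse_nf_log(line)
    src, dst = f.get("SRC", "?"), f.get("DST", "?")
    if "SPT" in f and "DPT" in f:  # ICMP and similar carry no ports
        src, dst = f"{src}:{f['SPT']}", f"{dst}:{f['DPT']}"
    return {
        "prefix": prefix,
        "path": path_of(f),
        "flow": f"{src} -> {dst}/{f.get('PROTO', '?')}",
        "new_tcp_connection": "SYN" in flags and "ACK" not in flags,
    }

if __name__ == "__main__":
    for line in (SAMPLE, CONSTRUCTED):
        print(describe(line))
```

For the line in the post this reports the path as "forwarded": the packet was rejected while being routed from enp0s31f6 to wlp2s0, not while addressed to the laptop itself.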