Forward traffic!

English Network/Internet
1

Hi!

I would like to forward http & https traffic that reaches my external interface on OpenSUSE Leap 15.6 to a wordpress container inside a Podman pod on a bridged network that’s connected to my trusted zone.

It works just fine connecting to the wordpress host (172.16.200.20) when I’m located in the trusted zone, BUT I can’t get it to work when I’m trying to connect from the outside!

Any ideas on what I should specify with the firewall-cmd command in order to get it to work?
(Maybe someone have done something similar)?

Kind regards

Henrik

2

You need to configure policy allowing traffic between zones.

3

Do you mean something like firewall-cmd --zone=trusted or external --add-forward?

4

No, I do not.

5

Ok so you mean something like:

firewall-cmd --permanent --new-policy allow-ext-to-trusted
firewall-cmd --permanent --policy allow-ext-to-trusted --set-target ACCEPT
Etc…

6

Could I get some tips or maybe point me in the right direction on where I can find more information on creating policies?

7

If you are wanting to forward traffic between networks, then kernel-level IP forwarding needs to be enabled via sysctl (net.ipv4.ip_forward=1) before firewalld port forwarding rules will work.

You can do this on the fly (IPv4 traffic) with
sudo sysctl -w net.ipv4.ip_forward=1

For persistent configuration refer
man systctl.conf

One of many blogs…
https://nordvpn.com/blog/ip-forwarding-linux/

8

The exact example was in the link I posted earlier.

9

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.