Firewalld CentOS 7 Masquerading

To set up masquerading on the external zone, type:

# firewall-cmd --zone=external --add-masquerade

external: For use on external networks with masquerading enabled especially for routers. You do not trust the other computers on the network to not harm your computer. Only selected incoming connections are accepted.

internal: For use on internal networks. You mostly trust the other computers on the networks to not harm your computer. Only selected incoming connections are accepted.

For reference:

http://www.certdepot.net/rhel7-get-started-firewalld/

Alternatively you can add the rule to your: /etc/firewalld/direct.xml file eg.

<?xml version="1.0" encoding="utf-8"?>
<direct>
...
  <rule priority="0" table="filter" ipv="ipv4" chain="POSTROUTING">-table nat -jump MASQUERADE --source 10.8.0.0/24 --out-interface eth0</rule>  
</direct>

Then:

firewall-cmd --reload

Firewalld CentOS 7 Masquerading

Tags:

Centos7

Firewalld

Related

Recent Posts