Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 1367528 - RFE: Allow filtering in the FORWARD chain
Summary: RFE: Allow filtering in the FORWARD chain
Alias: None
Product: Red Hat Enterprise Linux 8
Classification: Red Hat
Component: firewalld
Version: 8.0
Hardware: x86_64
OS: Linux
Target Milestone: rc
: 8.1
Assignee: Eric Garver
QA Contact: qe-baseos-daemons
Depends On: 1682341
Blocks: 1160348
TreeView+ depends on / blocked
Reported: 2016-08-16 16:21 UTC by lejeczek
Modified: 2019-03-15 20:47 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Last Closed:
Type: Bug
Target Upstream Version:

Attachments (Terms of Use)

System ID Priority Status Summary Last Updated
Github t-woerner firewalld issues 2 None None None 2016-12-01 18:27:35 UTC
Red Hat Bugzilla 1492722 None None None 2019-02-27 16:10:46 UTC

Internal Links: 1492722

Description lejeczek 2016-08-16 16:21:16 UTC
Description of problem:

... traffic between those interfaces?
I've tried declaring "sources" but it did not affect anything in the way I'd expected.
Is this not a bug?

I expected this a natural way to forward traffic between interfaces/subnets, to put them in the same zone. I've been reading and I apologize if I still miss this - how to pass/route LAN to LAN with firewalld - this should be one liner, one option, no?

Version-Release number of selected component (if applicable):


How reproducible:

Steps to Reproduce:

Actual results:

Expected results:

Additional info:

Comment 2 Thomas Woerner 2016-09-02 13:15:35 UTC
I am sorry, bit this is not natively supported by firewalld at the moment.

There is a feature request upstream to add this upstream:

It is planned for firewalld version 0.5.

Comment 5 Eric Garver 2018-06-06 15:47:03 UTC
bump to 7.7.0

Comment 6 Eric Garver 2018-11-16 18:48:17 UTC
This is would be a large change to firewalld both in the user interfaces and dbus API. As such I don't think it's appropriate for RHEL-7 at this point in its life cycle.

I'm bumping this to RHEL-8. It's also heavily related to bug 1492722 (OUTPUT filtering).

Note You need to log in before you can comment on or make changes to this bug.