I'm trying to setup my fedora machine as a router so my raspberry pi can access the internet. I know I can do this using iptables syntax but I'm trying to use the new firewalld syntax.
My setup is, I have a wireless connection that has access to the internet called wlp0s26u1u4 and I have a raspberry pi connected directly to my machine via ethernet on interface called em1.
My fedora machine has a static ip address em1 set to 10.10.2.1 and on my raspberry pi I have a static ip set to 10.10.2.100 and the default gateway set to 10.10.2.1.
I can ping my fedora machine from my pi just fine, but I'm unable to get my machine to forward from one interface to another.
Also I set the resolv.conf nameserver to google's public DNS (8.8.8.8) on my raspberry pi.
I checked and ipv4 forwarding is turned on:
Code:
# cat /proc/sys/net/ipv4/ip_forward
1
I added the following firewalld rule:
Code:
firewall-cmd --direct --add-rule ipv4 filter FORWARD 0 -i ens4 -o eth1 -j ACCEPT
However when I ping google.com from the pi I still get unknown host google.com
Doing a tcpdump I see the packet(s) come across on both the em1 (wired) connection and wireless connection (wlp0s26u1u4). However the response seem to be getting dropped on the wireless (wlp0s26u1u4) interface. Because on the tcpdump of interface wlp0s26u1u4 i'm seeing dropped packets:
Code:
2 packets captured
2 packets received by filter
0 packets dropped by kernel
2 packets dropped by interface
My question is what am I missing so I can do ip masquerading on fedora 21 so my pi can access the internet.
Thanks,
Gerb