
To Enable Forwarding When Using firewalld

firewalld is an iptables controller that defines persistent rules for network traffic. If you are using firewalld on a Red Hat Enterprise Linux (RHEL) 7.3 operating system, you must enable forwarding on the docker0 device. You must also forward any packets sent from or to the 10.0.0.0/8 subnet.

To Determine if You Are Using firewalld

To determine if your system is using firewalld, run the following command:

systemctl status firewalld.service

If firewalld is installed, this command returns the following:

$ sudo systemctl status firewalld.service
* firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: inactive (dead)
Docs: man:firewalld(1)

If firewalld is not installed, this command returns an error message.

Enabling Forwarding

To enable forwarding on the docker0 device, run the following commands:

firewall-cmd --permanent --direct --add-rule ipv4 filter FORWARD 1 -o docker0 -j ACCEPT -m comment --comment "docker subnet"

firewall-cmd --permanent --direct --add-rule ipv4 filter FORWARD 1 -s 10.0.0.0/8 -j ACCEPT -m comment --comment "docker subnet"

To enable forwarding on the 10.0.0.0/8 subnet, run the following commands:

firewall-cmd --permanent --direct --add-rule ipv4 filter INPUT 1 -s 10.0.0.0/8 -j ACCEPT -m comment --comment "docker subnet"

firewall-cmd --permanent --direct --add-rule ipv4 filter INPUT 1 -d 10.0.0.0/8 -j ACCEPT -m comment --comment "docker subnet"
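
Rules added with --permanent are written to the saved configuration and are not loaded into the running firewall until firewalld reloads (firewall-cmd --reload) or restarts. The following script is an added example, not part of the original documentation, that checks whether the four rules above are both saved and loaded. The function names (expected_rules, missing_rules, audit, write_sample) and the file names are hypothetical, and the sample rule listing is constructed.

```shell
#!/bin/sh
# Added example (not from the original page): check that the four direct rules
# from this section are saved AND loaded into the running firewall.

# Rule specs from this section, minus the comment match, so the check does not
# depend on how firewall-cmd prints the quoted comment (assumption).
expected_rules() {
    cat <<'EOF'
ipv4 filter FORWARD 1 -o docker0 -j ACCEPT
ipv4 filter FORWARD 1 -s 10.0.0.0/8 -j ACCEPT
ipv4 filter INPUT 1 -s 10.0.0.0/8 -j ACCEPT
ipv4 filter INPUT 1 -d 10.0.0.0/8 -j ACCEPT
EOF
}

# missing_rules FILE: print every expected rule with no matching line in FILE.
missing_rules() {
    expected_rules | while IFS= read -r want; do
        found=no
        while IFS= read -r have; do
            case $have in
                "$want"|"$want "*) found=yes; break ;;
            esac
        done < "$1"
        [ "$found" = yes ] || printf '%s\n' "$want"
    done
}

# audit PERMANENT_FILE RUNTIME_FILE
#   0 = all rules saved and loaded
#   1 = at least one rule missing from the permanent configuration
#   2 = saved, but not in the running firewall (needs firewall-cmd --reload)
audit() {
    [ -z "$(missing_rules "$1")" ] || return 1
    [ -z "$(missing_rules "$2")" ] || return 2
    return 0
}

# Constructed sample: state right after the four --permanent commands, before a
# reload. On a real host, fill the two files with:
#   firewall-cmd --permanent --direct --get-all-rules > permanent.rules
#   firewall-cmd --direct --get-all-rules > runtime.rules
write_sample() {
    expected_rules | sed 's/$/ -m comment --comment "docker subnet"/' > "$1/permanent.rules"
    : > "$1/runtime.rules"
}

demo_dir=$(mktemp -d)
write_sample "$demo_dir"
if audit "$demo_dir/permanent.rules" "$demo_dir/runtime.rules"; then rc=0; else rc=$?; fi
echo "audit status before reload: $rc"
```

The INPUT rules accept any packet with a source or destination in 10.0.0.0/8, so confirm that this range is used only by your container networks before relying on them.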