Le 29/12/2017 à 10:32, Kenneth Porter a écrit : > How do I insert the iptables rule below using firewalld? > > I'm moving up from CentOS 6 to 7 on an office gateway and I'm trying > to get OpenVPN working to allow home workers to access PCs at the > office. I've got it all working but only by manually inserting an > ACCEPT rule in the FORWARD iptables chain: > > iptables -I FORWARD 3 -i tun+ -j ACCEPT > > This rule was extracted from my iptables firewall under CentOS6. The 3 > puts it after the accepts for established connections and loopback > connections, but before any firewalld sub-chains. With this I can > connect to an internal Windows 10 system with Remote Desktop. > > How can I inject this rule using firewalld, either as a direct rule or > as some more firewalld-approved kind of rule? You can see perhaps this link, to add opnvpn service to firewalld : https://unix.stackexchange.com/questions/149144/configuring-openvpn-to-use-firewalld-instead-of-iptables-on-centos-7 Alain -- Administrateur Système/Réseau C2N (ex LPN) Centre de Nanosciences et Nanotechnologies (UMR 9001) Site de Marcoussis, Data IV, route de Nozay - 91460 Marcoussis Tel : 01-69-63-61-34