[CentOS] ip6tables equivalent for NAT?

Tue May 26 18:54:33 UTC 2020
Kenneth Porter <shiva at sewingwitch.com>

I finally got an ISP connection with working IPv6 and now I need to add 
firewall rules for forwarding connections from my LAN to the WAN. I'm using 
firewalld to handle the high-level description that gets translated to 
iptables/ip6tables on CentOS 7.

Of course, with IPv6, one doesn't do NAT, so the usual masquerade target 
doesn't make sense. But I want similar connection logic, with no inbound 
connections allowed to LAN clients and all outbound connections allowed. 
How does one express this in either firewalld or its ip6tables "direct 

I don't currently need port-forwarding to internal servers but, for 
completeness, what would such rules look like?