--On Wednesday, December 22, 2021 8:03 PM +0100 Patrick via CentOS <centos at centos.org> wrote: > Error: INVALID_RULE: internal error in _lexer(): rule family="ipv4" > source NOT address="46.23.XX.0/24" forward-port port="53" protocol="udp" > to-port="60053" to-addr="46.23.XX.53" If you don't get help here, you might try one of the firewalld mailing lists or other support resources here: <https://firewalld.org/community.html> I'm curious to hear what you discover. (This might be a bug that warrants a patch for the CentOS package.)