I have the following configuration on my gateway:
[root@gw server]# uname -a
Linux gw 3.10.0-693.5.2.el7.x86_64 #1 SMP Fri Oct 20 20:32:50 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
[root@gw server]# cat /etc/centos-release
CentOS Linux release 7.4.1708 (Core)
[root@gw server]# firewall-cmd --version
[root@gw server]# firewall-cmd --get-active-zones
[root@gw server]# firewall-cmd --zone=public --list-all
services: ssh dhcpv6-client openvpn
[root@gw server]# firewall-cmd --zone=trusted --list-all
Thus, when I go to https://ext-ip, I see the published resource (https://10.128.5.200). But I have the following issue: when I try to open an HTTPS site from the trusted network (e.g. https://google.com), I also see https://10.128.5.200. It seems that firewalld port-forwards outgoing traffic. I tried to RTFM and google the situation, but the only thing I found was an issue on firewalld's GitHub (https://github.com/firewalld/firewalld/issues/258).
Could you please tell me whether this is a bug or I am doing something wrong (and how to do it right)?
Thanks a lot in advance.