# IP Masquerade using Firewalld for CentOS 8.1
#
# [Public Server]
# "eth0": "globalIP" - connected to the router or WAN
# "eth1": "10.0.0.1" - connected to the local switch
#
# [Local Server]
# "eth0": "10.0.1.1" - connected to the local switch
#
#
#  -- Public Server --                        -- Local Server --
#  [WAN] <-> [eth0]
#            [eth1] <-----------> [Switch] <---> [eth0]
#
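# Public Server
# Enable masquerading on the public zone (WAN side) and confirm it is active
firewall-cmd --zone=public --add-masquerade --permanent
firewall-cmd --reload
firewall-cmd --zone=public --query-masquerade
# Put the LAN-facing interface (eth1) into the internal zone
nmcli connection modify eth1 connection.zone internal
firewall-cmd --zone=internal --add-masquerade --permanent
firewall-cmd --reload
# Direct rules must be added with --permanent; runtime-only direct rules
# are discarded by the reload that follows
firewall-cmd --permanent --direct --add-rule ipv4 nat POSTROUTING 0 -o eth0 -j MASQUERADE
firewall-cmd --permanent --direct --add-rule ipv4 filter FORWARD 0 -i eth1 -o eth0 -j ACCEPT
firewall-cmd --reload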
# Local Server
# Use the public server's eth1 address as the default gateway
nmcli connection modify eth0 ipv4.gateway "10.0.0.1"
systemctl restart NetworkManager