From d7f1fc24ed463470131fc04891803dbacf52a7c1 Mon Sep 17 00:00:00 2001
From: Jonas Forsberg <jonas.forsberg@suse.com>
Date: Thu, 14 Oct 2021 13:58:28 +0200
Subject: [PATCH] .

---
 salt/states/firewalld/init.sls | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/salt/states/firewalld/init.sls b/salt/states/firewalld/init.sls
index 7fb0a12..d3b0ca5 100644
--- a/salt/states/firewalld/init.sls
+++ b/salt/states/firewalld/init.sls
@@ -65,3 +65,14 @@ Configure firewalld for vlan networks:
       - https
       - dns
       - ntp
+
+Add forwarding on Internal zone:
+  cmd.run:
+    - name: firewall-cmd --permanent --zone=internal --add-forward
+    - unless: bash -c "if [[ \"$(firewall-cmd --zone=internal --list-all | sed -n 's/.* forward. \(.*\)$/\1/p')\" = \"yes\" ]]; then exit 0; else exit 1;fi"
+
+Reload firewalld:
+  cmd.run:
+    - name: firewall-cmd --reload
+    - onchanges:
+      - cmd: Add forwarding on Internal zone