You likely need it to allow #2:
But the conntrack helper rules for transit traffic should work for non-masqueraded zones by default as long as you have installed the related packages and restarted the firewall service.
You likely need it to allow #2:
But the conntrack helper rules for transit traffic should work for non-masqueraded zones by default as long as you have installed the related packages and restarted the firewall service.