NAT on RHEL/CentOS 7

draft

Enable IP forwarding,

echo "net.ipv4.ip_forward = 1" > /etc/sysctl.d/ip_forward.conf
sysctl -p

Enable NAT,

firewall-cmd --permanent --direct --passthrough ipv4 -t nat -I POSTROUTING -o EXTERNAL_NETIF -j MASQUERADE -s INTERNAL_IP/PREFIX
firewall-cmd --permanent --direct --passthrough ipv4 -I FORWARD -i INTERNAL_NETIF -j ACCEPT
firewall-cmd --reload