feat: add forward option for zones

defaults/main.yml

@@ -17,6 +17,18 @@ firewalld_allow_zone_drifting: False
 firewalld_ipsets: []
 firewalld_ipsets_extra: []
 
+# @var firewalld_services:description: >
+# A firewalld service can be a list of local ports and destinations and additionally also a list of firewall helper modules
+# automatically loaded if a service is enabled.
+# @var firewalld_services:example: >
+#  - name: ""
+#     short: ""
+#     description: ""
+#     port: []
+#     protocol: []
+#     source_port: []
+#     module: []
+#     destination: {}
 firewalld_services: []
 firewalld_services_extra: []
 
@@ -42,6 +54,7 @@ firewalld_services_extra: []
 #       - name:
 #     icmp-block-inversion: true
 #     masquerade: true
+#     forward: true
 #     forward-port:
 #       - { port: "", protocol: "" }
 #     source-port:

templates/etc/firewalld/zones/zone.xml.j2

@@ -12,7 +12,7 @@
   <{{ tag }}{% for name, value in subtag.items() %} {{ name }}="{{ value }}"{% endfor %}/>
   {% endfor %}
   {# Settings which can be used once #}
-  {% elif tag in ["icmp-block-inversion", "masquerade"] and item[tag] == True %}
+  {% elif tag in ["icmp-block-inversion", "masquerade", "forward"] and item[tag] | bool %}
   <{{ tag }}/>
   {% endif %}
 {% endfor %}