The br0_p01_i interface is only for host <-> bridge communication. VM's have
their own ports on the bridge, so any network traffic to/from any VM should never go
through br0_p01_i interface - at least that is what I am expecting.
At this moment the target for zone, where br0_p01_i interface is, is REJECT. And
everything appears to be working...
The second part of the project is podman, and br_netfilter is loaded. Podman needs
br_netfilter for intra container communication via host mapped ip/port (I really need that
functionality) - I haven't found workaround to be able to unload the br_netfilter
module. This part also appears to be working...
What is the relation between firewalld and br_netfilter? Can firewalld do anything
about/with br_netfilter?