IP forwarding between interfaces and firewall rules
Hello,
I am trying to forward all traffic (within a network, 192.168.67.0/24) between 2 interfaces (on RHEL 8.3).
I am doing/trying this:
sysctl -w net.ipv4.ip_forward=1
firewall-cmd --direct --add-rule ipv4 filter FORWARD 0 -o eno1 -i enp0s20u4u1 -j ACCEPT
firewall-cmd --direct --add-rule ipv4 filter FORWARD 0 -o enp0s20u4u1 -i eno1 -j ACCEPT
The eno1 interface is connected to the "WAN side" and enp0s20u4u1 has an access point connected to it.
I can ping through the eno1 interface, from both sides, but somehow DNS requests don't go through. When I stop the firewall (systemctl stop firewalld), it all seems to "just work".
Any suggestions on how to set up the firewall to allow that?
Thanks,
Ron