What do your firewall rules look like? (No, don't post that. The iptables rules that
firewalld generates are not meant for human comprehension.) I see you disabled
firewalld, which prevents it from starting automatically but doesn't affect the current session. At a minimum you need a firewall rule in the "nat" table to masquerade forwarded traffic so that the packets will use your public IP address as their source address. Without that, responses cannot be routed back to you.
You should either configure
firewalld to do what you need, or else stop and mask it entirely ("
systemctl mask ..." means block the unit from being started by any means, automatic or manual) and generate your own ruleset from scratch. (And BTW, stopping the
firewalld service does not flush whatever iptables rules are currently in effect.) Unless you're an expert, it's going to be a lot easier just to configure
firewalld (Applications -> Sundry -> Firewall). See
Configuring Firewalld.