aboutsummaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorJohannes Stoelp <johannes.stoelp@gmail.com>2023-01-11 16:45:21 +0100
committerJohannes Stoelp <johannes.stoelp@gmail.com>2023-01-11 16:45:21 +0100
commit1d958c27c35d917bf006a67c770502d35e990283 (patch)
tree70a9c8034bc7fb719a848c1cffff87ac4779dc7a
parent01b220f676d78d5407aa89cb78668d9c08f3239b (diff)
downloadnotes-1d958c27c35d917bf006a67c770502d35e990283.tar.gz
notes-1d958c27c35d917bf006a67c770502d35e990283.zip
firewalld: add rich rule example
-rw-r--r--src/network/firewall-cmd.md4
1 files changed, 4 insertions, 0 deletions
diff --git a/src/network/firewall-cmd.md b/src/network/firewall-cmd.md
index 315bbd8..03c268a 100644
--- a/src/network/firewall-cmd.md
+++ b/src/network/firewall-cmd.md
@@ -21,6 +21,8 @@ firewall-cmd --list-ports
firewall-cmd --add-service <SERVICE>
# Add a specific port.
firewall-cmd --add-port 8000/tcp
+# Add a rich rule (eg port forwarding, dnat).
+firewall-cmd --add-rich-rule 'rule family="ipv4" forward-port port="80" protocol="tcp" to-port="8080"'
```
## Remove entries
@@ -29,6 +31,8 @@ firewall-cmd --add-port 8000/tcp
firewall-cmd --remove-service <SERVICE>
# Remove port.
firewall-cmd --remove-port 8000/tcp
+# Remove rich rule.
+firewall-cmd --remove-rich-rule 'rule family="ipv4" forward-port port="80" protocol="tcp" to-port="8080"'
```
## References