From 1d958c27c35d917bf006a67c770502d35e990283 Mon Sep 17 00:00:00 2001
From: Johannes Stoelp <johannes.stoelp@gmail.com>
Date: Wed, 11 Jan 2023 16:45:21 +0100
Subject: firewalld: add rich rule example

---
 src/network/firewall-cmd.md | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'src')

diff --git a/src/network/firewall-cmd.md b/src/network/firewall-cmd.md
index 315bbd8..03c268a 100644
--- a/src/network/firewall-cmd.md
+++ b/src/network/firewall-cmd.md
@@ -21,6 +21,8 @@ firewall-cmd --list-ports
 firewall-cmd --add-service <SERVICE>
 # Add a specific port.
 firewall-cmd --add-port 8000/tcp
+# Add a rich rule (eg port forwarding, dnat).
+firewall-cmd --add-rich-rule 'rule family="ipv4" forward-port port="80" protocol="tcp" to-port="8080"'
 ```
 
 ## Remove entries
@@ -29,6 +31,8 @@ firewall-cmd --add-port 8000/tcp
 firewall-cmd --remove-service <SERVICE>
 # Remove port.
 firewall-cmd --remove-port 8000/tcp
+# Remove rich rule.
+firewall-cmd --remove-rich-rule 'rule family="ipv4" forward-port port="80" protocol="tcp" to-port="8080"'
 ```
 
 ## References
-- 
cgit v1.2.3