[Cialug] iptables rule -> firewalld

Jeffrey Ollie jeff at ocjtech.us
Mon Sep 9 22:48:03 UTC 2019


Ooof. Firewalld is nice for doing basic things, but it fails miserably when
it comes to more advanced operations or inter-operating with other
applications that want to manipulate the iptables rules (like docker does).
Firewalld can still do it, but you'll need to read up on direct rules.
You'll need to run something like this:

firewall-cmd --direct --add-rule ipv4 nat PREROUTING 1 -p tcp --dport 25 -j DNAT --to <MX IP>:25

That'll change the running iptables; add "--permanent" to make that persist
across reboots. You'll need to read up, though; I'm just doing this from
memory and haven't tested.

On Mon, Sep 9, 2019 at 4:45 PM David Champion <dchamp1337 at gmail.com> wrote:

> Red Hat documentation has a really nice page on firewalld.
>
> -dc
>
>
> On Mon, Sep 9, 2019 at 4:32 PM L. V. Lammert <lvl at omnitec.net> wrote:
>
> > Need to persist an iptables rule, .. instead of hacking it in rc.local,
> > would prefer to do it the 'firewalld' way. Any recommendations on
> > translating?
> >
> > In this example, need to redirect all outbound port 25 traffic on a Docker
> > host:
> >
> > iptables -t nat -I PREROUTING -p tcp --dport 25 -j DNAT --to <MX IP>:25
> >
> > All zones.
> >
> >         Thanks!
> > _______________________________________________
> > Cialug mailing list
> > Cialug at cialug.org
> > https://www.cialug.org/cgi-bin/mailman/listinfo/cialug
> >


-- 
Jeff Ollie
The majestik møøse is one of the mäni interesting furry animals in Sweden.
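
The translation discussed in this thread, as an added example that is not part of the original messages: a small shell function that rewrites an IPv4 iptables insert/append command as firewalld direct-rule commands, for both the runtime and the permanent configuration. The function name iptables_to_direct is hypothetical, 192.0.2.10 is a constructed stand-in for <MX IP>, and the function only prints the commands so they can be reviewed before being run.

```shell
#!/bin/sh
# Added example: print the firewalld direct-rule equivalent of an IPv4
# "iptables -I/-A" command. Nothing is applied to the firewall.
# Limitation: arguments containing spaces (e.g. --comment text) are not
# re-quoted in the output.

# Usage: iptables_to_direct [priority] iptables <args...>
iptables_to_direct() {
    prio=0                        # firewalld applies lower priorities first
    case "$1" in
        ''|*[!0-9]*) ;;           # first argument is not a number
        *) prio=$1; shift ;;
    esac
    if [ "$1" = iptables ]; then shift; fi
    table=filter chain='' rest='' # iptables defaults to the filter table
    while [ $# -gt 0 ]; do
        case "$1" in
            -t|--table)
                [ $# -ge 2 ] || { echo "error: $1 needs a table" >&2; return 1; }
                table=$2; shift 2 ;;
            -I|--insert|-A|--append)
                [ $# -ge 2 ] || { echo "error: $1 needs a chain" >&2; return 1; }
                chain=$2; shift 2
                # "-I CHAIN 3" carries a rule number; direct rules are
                # ordered by priority instead, so the number is dropped.
                case "$1" in ''|*[!0-9]*) ;; *) shift ;; esac ;;
            *) rest="$rest $1"; shift ;;
        esac
    done
    if [ -z "$chain" ]; then
        echo "error: no -I/-A chain found" >&2
        return 1
    fi
    rule="ipv4 $table $chain $prio$rest"
    echo "firewall-cmd --direct --add-rule $rule"              # running config
    echo "firewall-cmd --permanent --direct --add-rule $rule"  # survives reboot
}

# Constructed sample: the rule from the thread with a documentation address.
iptables_to_direct 1 iptables -t nat -I PREROUTING -p tcp --dport 25 \
    -j DNAT --to 192.0.2.10:25
```

After running the printed commands, firewall-cmd --direct --get-all-rules lists the runtime direct rules, and adding --permanent lists the saved ones.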

