Can Someone Explain Why this firewalld Command Does Not Work as Expected?

matiu asked the question of how they can do port forwarding for a single source IP address. You can read the original question here.

I provided the following commands as an answer. I based my answer on research of firewalld commands and my existing knowledge of port forwarding with Cisco routers. I realize Cisco is a completely different platform than firewalld but I suspected the concept of an ACL and then NAT would be similar enough for my answer to work. Based on matiu’s feedback that was wrong.

Can anyone explain why the firewalld commands below do not result in only source IP address 1.2.3.4 being allowed to pass the firewall and then be port forwarded from TCP 22 to TCP 5678?

# The rich rule is wrapped in single quotes so the inner double quotes reach
# firewall-cmd intact; a backslash continuation inside a quoted string is not valid.
firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="1.2.3.4/32" port protocol="tcp" port="22" accept'
firewall-cmd --permanent --zone=external --add-forward-port=port=22:proto=tcp:toport=5678:toaddr=*private translated IP address*
firewall-cmd --reload
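The following is an added example and is not part of the original question or of any answer on this page. It shows the pattern that keeps a forward restricted to one source: a single rich rule that carries both the source match and the forward-port element, installed in the one zone the traffic arrives in. A forward added with --add-forward-port has no source condition of its own, and firewalld assigns each incoming packet to exactly one zone, so an accept rule in "public" does not constrain a forward configured in "external". The source 1.2.3.4/32, the internal host 192.0.2.10 (a documentation address), port 5678 and the zone name "external" are assumed values; the function names are the example's own.

```shell
#!/bin/sh
# Added example, not code from the original question or any answer on this page.
# Assumed values: source 1.2.3.4/32, public TCP port 22, internal host
# 192.0.2.10 listening on TCP 5678, zone "external". Adjust for your network.

# One rich rule that carries BOTH the source match and the forward-port,
# so firewalld applies the source restriction to the forward itself.
build_forward_rule() {
    # $1 source CIDR, $2 incoming port, $3 destination port, $4 destination address
    printf 'rule family="ipv4" source address="%s" forward-port port="%s" protocol="tcp" to-port="%s" to-addr="%s"' \
        "$1" "$2" "$3" "$4"
}

# The firewall-cmd invocations needed to install the rule permanently in a zone.
# Forwarding with to-addr to another host requires masquerading on that zone.
plan_commands() {
    zone="$1"
    rule="$(build_forward_rule "$2" "$3" "$4" "$5")"
    printf '%s\n' \
        "firewall-cmd --permanent --zone=$zone --add-masquerade" \
        "firewall-cmd --permanent --zone=$zone --add-rich-rule='$rule'" \
        "firewall-cmd --reload"
}

# Apply the plan (needs root and a running firewalld), then confirm the rule
# is active. Without firewall-cmd on the host this falls back to a dry run.
apply_rules() {
    zone="$1"
    rule="$(build_forward_rule "$2" "$3" "$4" "$5")"
    if ! command -v firewall-cmd >/dev/null 2>&1; then
        echo "firewall-cmd not available; dry run only:" >&2
        plan_commands "$@" >&2
        return 1
    fi
    firewall-cmd --permanent --zone="$zone" --add-masquerade
    firewall-cmd --permanent --zone="$zone" --add-rich-rule="$rule"
    firewall-cmd --reload
    # Prints yes/no and exits 0/1 depending on whether the rule is present
    # in the runtime configuration after the reload.
    firewall-cmd --zone="$zone" --query-rich-rule="$rule"
}

# Dry run: print the commands for the assumed values without touching firewalld.
plan_commands external 1.2.3.4/32 22 5678 192.0.2.10
```

Running the script as-is only prints the three commands; call apply_rules with the same arguments as root to install them. Because the rich rule contains the forward-port element, no separate "accept" rule for port 22 is needed, and hosts other than 1.2.3.4 fall through to the zone's default target.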

Answer

Attribution
Source: Link, Question Author: user5870571, Answer Author: Community
