I see in upcoming versions, firewalld.policy is to replace the functionality of
iptables and firewalld.direct.
Browsing through the documentation, I can't see how I would replace the following
with policies as I can't find how to have a custom (module provided) TARGET.
The following supports the Sipwise NGCP RTPengine iptables kernel module:
https://github.com/sipwise/rtpengine
# direct.xml
<?xml version="1.0" encoding="utf-8"?>
<direct>
<!-- RTPengine managed iptables chain and kernel module forwarding-->
<chain ipv="ipv4" table="filter"
chain="RTPENGINE_allow"/>
<chain ipv="ipv6" table="filter"
chain="RTPENGINE_allow"/>
<passthrough ipv="ipv4">-I INPUT -p udp -m udp --dport 30000:40000 -j
RTPENGINE_allow</passthrough>
<passthrough ipv="ipv4">-I INPUT -p udp -m udp --dport 30000:40000 -j
RTPENGINE --id 0</passthrough>
<passthrough ipv="ipv6">-I INPUT -p udp -m udp --dport 30000:40000 -j
RTPENGINE_allow</passthrough>
<passthrough ipv="ipv6">-I INPUT -p udp -m udp --dport 30000:40000 -j
RTPENGINE --id 0</passthrough>
</direct>
--
Anthony -
https://messinet.com
F9B6 560E 68EA 037D 8C3D D1C9 FF31 3BDB D9D8 99B6