On 05/19/2016 01:43 PM, Benjamin Lefoul wrote:
Hi,
Strangely enough this seems to be a common problem without a clear
answer (see for instance:
https://ask.fedoraproject.org/en/question/32104/port-redirect-with-firewa...
)
We have a file to be fetched via http on port 8080, so this works: #
wget
http://localhost:8080/file_to_fetch.txt
We want this to work as well: # wget
http://localhost/file_to_fetch.txt
But adding the port forward to the trusted zone (with interface lo)
won't do.
forward-ports: port=80:proto=tcp:toport=8080:toaddr=
Even adding it as a rich rule does not work. The only way around is with
a direct rule:
# cat /etc/firewalld/direct.xml
<?xml version="1.0" encoding="utf-8"?>
<direct>
<rule priority="0" table="nat" ipv="ipv4"
chain="OUTPUT">-d 127.0.0.1
-p tcp --dport 80 -j DNAT --to-destination 127.0.0.1:8080</rule>
</direct>
Hi Benjamin,
This sounds like
https://github.com/t-woerner/firewalld/issues/78
--
markos
SUSE LINUX GmbH | GF: Felix Imendörffer, Jane Smithard, Graham Norton
HRB 21284 (AG Nürnberg) Maxfeldstr. 5, D-90409, Nürnberg