On Thu, Nov 15, 2018 at 01:18:49PM -0000, Steven Schroeder wrote:
> I have set up firewalld to forward any incoming udp port 162 traffic
> to a remote server. I would like to add a second rule to forward udp
> port 162 traffic from a specific source IP to a different destination
> address, but it seems it will only match the first rule it finds.
> Is this possible?

Yes, it's possible. The problem is your first rich rule is a
"catch-all". It should work if you add the more specific rich rule
first.

e.g.

    rule family="ipv4" source address="<special IP>" forward-port port="162" protocol="udp" to-port="<dest port>" to-addr="<dest IP>"
    rule family="ipv4" forward-port port="162" protocol="udp" to-port="<dest port>" to-addr="<dest IP>"
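
The ordering problem discussed in this thread, as an added example that is not part of the original emails and not firewalld code: a small Python model of first-match evaluation over forward-port rich rules, plus a check that flags any rule hidden behind an earlier, broader one. The addresses are constructed documentation-range placeholders, and the helper names parse, first_match and shadowed are hypothetical.

```python
import ipaddress
import re

# Constructed sample rules in rich-rule syntax; all addresses are
# documentation-range placeholders, not values from the thread.
CATCH_ALL = ('rule family="ipv4" forward-port port="162" protocol="udp" '
             'to-port="162" to-addr="198.51.100.10"')
SPECIFIC = ('rule family="ipv4" source address="192.0.2.5" forward-port '
            'port="162" protocol="udp" to-port="162" to-addr="198.51.100.20"')

def parse(rule):
    """Extract the match fields and forward target from one IPv4 rich rule.
    Assumes the attribute order used in the thread (port, then protocol)."""
    src = re.search(r'source address="([^"]+)"', rule)
    fwd = re.search(r'forward-port port="([^"]+)" protocol="([^"]+)"', rule)
    dst = re.search(r'to-addr="([^"]+)"', rule)
    if not (fwd and dst):
        raise ValueError("not a forward-port rule: " + rule)
    # A rule without a source element matches every source address.
    net = ipaddress.ip_network(src.group(1) if src else "0.0.0.0/0", strict=False)
    return {"src": net, "port": fwd.group(1), "proto": fwd.group(2),
            "to_addr": dst.group(1)}

def first_match(rules, src_ip, port, proto):
    """Model assumption taken from the thread: rules are tried in list order
    and the first one that matches decides the destination."""
    ip = ipaddress.ip_address(src_ip)
    for r in map(parse, rules):
        if ip in r["src"] and r["port"] == port and r["proto"] == proto:
            return r["to_addr"]
    return None

def shadowed(rules):
    """Return indexes of rules that can never match because an earlier rule
    with the same port and protocol covers their whole source range."""
    parsed = [parse(r) for r in rules]
    hits = []
    for i, later in enumerate(parsed):
        for earlier in parsed[:i]:
            same_service = (earlier["port"], earlier["proto"]) == (later["port"], later["proto"])
            if same_service and later["src"].subnet_of(earlier["src"]):
                hits.append(i)
                break
    return hits
```

Running shadowed() over the rules in their effective order before deploying them shows whether a source-specific forward would ever be reached.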