Re: Specifying allowed source ports
On 11/09/13 13:37, poma wrote:
On 11.09.2013 12:18, Sergio Villar Senin wrote:
> Hi,
>
> sometimes is useful to allow connections from a specific combination of
> of source_address:source_port. For example if you want to allow the
> icecream[1] autodiscovery service in your local network you would likely
> want to allow connections coming from:
>
> 192.168.1.0/24:8765 udp
>
> I think this is a very common use case in local networks where you have
> services running in well-known ports that use random ports in your local
> machine to setup connections.
>
> Is there any way to do that in firewalled?
>
It would be awkward if it can't. :)
man 5 firewalld.richlanguage
I've read the richlanguage syntax and still I cannot find the way to
specify the source port, because the <port> element is translated to the
destination port in the iptables rule and the <source> element only
allows to specify the address, not the port.
BR