On 2020-08-03 03:27, Jeffrey Ross wrote:
> (System Fedora 31)
>
> I'm looking to make routing decisions based upon either the source or 
> destination TCP port and interface/destination IP. In the Cisco world I'd do 
> this via policy-based routing.
>
> I found an example using iptables 
> https://www.sparksupport.com/blog/2010/10/02/application-based-routing-in-linux_port-based-routing/
>
> however this system is running firewalld and I haven't found an example (yet) 
> using firewalld.
>
> Very specifically if I receive traffic on TCP port 1234 I do not want to use 
> my system defined default gateway, rather I want to use an alternate gateway 
> which will be via an OpenVPN tunnel.  I would really like to go one step 
> further and if it was received on port 1234 AND interface X then use gateway 
> 1, if it was port 1234 and interface Y use gateway 2, not sure how far down 
> the rabbit hole I can go.  What I am trying to avoid is having an asymmetric 
> routing condition when I have a firewall fronting the different interfaces.

I do not know if it is possible to do that currently with firewalld and rich 
rules.

However, to get excellent help with firewalld I would suggest going to the 
dedicated mailing list.

List-Help: <mailto:firewalld-users-requ...@lists.fedorahosted.org?subject=help>
List-Post: <mailto:firewalld-us...@lists.fedorahosted.org>
List-Subscribe: <mailto:firewalld-users-j...@lists.fedorahosted.org>
List-Unsubscribe: <mailto:firewalld-users-le...@lists.fedorahosted.org>




-- 
The key to getting good answers is to ask good questions.