FirewallD rich rules

I have 2 IPs on a single box and want to run SSH on 443 because fuck firewalls. SELinux isn’t happy about adding port 443 for SSH, as HTTPS “owns” it. Instead, I forwarded 443 on 1 IP to the SSH port I was already running. Don’t use port 22… It looks like this:

firewall-cmd --zone=public --add-rich-rule='rule family="ipv4" destination address="IPADDRESS" forward-port port="443" protocol="tcp" to-port="22"'
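Without `--permanent`, a rich rule added this way exists only in the runtime configuration and disappears on reload or reboot. The sketch below is an added example, not part of the original post: it validates the address and ports before embedding them in the rule string, then adds the same rule to both the runtime and permanent configuration. The helper names, the address 192.0.2.10 and port 2222 are assumptions for illustration.

```shell
#!/bin/sh
# Added example (not from the original post).
# 192.0.2.10 and 2222 in the usage line are constructed sample values.

# Succeed only if $1 is a dotted-quad IPv4 address with octets <= 255.
valid_ipv4() {
    echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    old_ifs=$IFS
    IFS=.
    set -- $1            # split the address into its four octets
    IFS=$old_ifs
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

# Succeed only if $1 is an integer in 1..65535.
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Print the rich rule for: destination address $1, listen port $2, SSH port $3.
# Rejecting anything but digits and dots keeps quotes out of the rule string.
build_forward_rule() {
    valid_ipv4 "$1" && valid_port "$2" && valid_port "$3" || return 1
    printf 'rule family="ipv4" destination address="%s" forward-port port="%s" protocol="tcp" to-port="%s"' "$1" "$2" "$3"
}

# Add the rule to runtime and permanent config, then list what is active.
apply_forward_rule() {
    rule=$(build_forward_rule "$1" "$2" "$3") || {
        echo "invalid address or port" >&2
        return 1
    }
    # Runtime rule: takes effect immediately, lost on reload or reboot.
    firewall-cmd --zone=public --add-rich-rule="$rule" || return 1
    # Permanent rule: written to the zone config, survives reload and reboot.
    firewall-cmd --permanent --zone=public --add-rich-rule="$rule" || return 1
    # Confirm the forward is present in the running configuration.
    firewall-cmd --zone=public --list-rich-rules
}

# Usage (run as root on the host):
# apply_forward_rule 192.0.2.10 443 2222
```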
