
Is there a way to forward a port to another port on a whole subnet?

I wanted to run firewall-cmd --add-forward-port=port=8888:proto=tcp:toport=80:toaddr=10.100.100.0/24 but the CLI says 10.100.100.0/24 is invalid.

Is that possible, maybe with masquerade?

Thanks

DJYod
  • What exactly are you trying to achieve by doing this? A subnet obviously does not have ports, do you want the packet to be forwarded to all hosts in this destination subnet (on a different port)? – inaki Aug 31 '16 at 13:18
  • Yes, exactly. Is that possible? – DJYod Aug 31 '16 at 13:31
  • I don't think you can achieve this with a firewall rule. If you were to add forwarding rules to each host in this subnet separately then iptables will match on the first rule and send it to only one host. You can maybe forward traffic to this port to a load balancer in your network which can then do something similar afterwards. – inaki Aug 31 '16 at 13:42

0 Answers
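A small model of the behaviour described in the comments above, added here as an illustration and not part of the original thread: a forward target has to be a single host address, and when one rule per host is added, first-match evaluation sends every connection to the first host. The function names are hypothetical and the rule loop is a simplified model of first-match NAT evaluation, not firewalld or iptables code.

```python
import ipaddress
from typing import NamedTuple, Optional


class ForwardRule(NamedTuple):
    port: int      # port the firewall listens on
    proto: str     # "tcp" or "udp"
    toport: int    # port on the destination host
    toaddr: str    # destination host (must be one address)


def parse_toaddr(value: str) -> ipaddress.IPv4Address:
    """Accept only a single IPv4 host address; a CIDR range is rejected."""
    try:
        return ipaddress.IPv4Address(value)
    except ipaddress.AddressValueError:
        raise ValueError(f"{value!r} is not a single host address") from None


def expand_subnet(port: int, proto: str, toport: int, cidr: str) -> list:
    """The per-host workaround: one forward rule for each host in the subnet."""
    net = ipaddress.ip_network(cidr)
    return [ForwardRule(port, proto, toport, str(h)) for h in net.hosts()]


def dnat_target(rules: list, port: int, proto: str) -> Optional[tuple]:
    """First-match model: the first matching rule rewrites the destination
    and evaluation stops, so later rules for the same port never apply."""
    for rule in rules:
        if rule.port == port and rule.proto == proto:
            return (str(parse_toaddr(rule.toaddr)), rule.toport)
    return None


def distinct_targets(rules: list, port: int, proto: str, connections: int) -> set:
    """Destinations actually used across a number of new connections."""
    return {dnat_target(rules, port, proto) for _ in range(connections)}


if __name__ == "__main__":
    # Constructed input: the values from the question.
    rules = expand_subnet(8888, "tcp", 80, "10.100.100.0/24")
    print(len(rules), "rules written")
    print("hosts reached:", distinct_targets(rules, 8888, "tcp", 1000))
    try:
        parse_toaddr("10.100.100.0/24")
    except ValueError as err:
        print("rejected:", err)
```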