Is it possible to forward a port to an address specified by a hostname rather than an IP address using firewalld?

For example, something like:

sudo firewall-cmd --add-forward-port=port=2222:proto=tcp:toport=22:toaddr=example.com

I have many VMs running on my remote machine and I would like to have a central place in my /etc/hosts to update their addresses.

  • 1
    You can use hostnames in your firewall rules (at least the netfilter/ipchains code supports that) but there is one big caveat: the only time when the lookup from hostname to IP address is performed is when the rule gets loaded into memory. The system will from that moment apply your rules to the IP address as it was resolved at that point in time. If the host later gets a new IP address, your effective firewall rules will continue to use the old address for as long as the firewall is running or until the rule base is reset. – HBruijn Jan 25 '19 at 16:09

0 Answers
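
The comment above notes that a hostname in a rule is resolved only once, when the rule is loaded. As an added example (not part of the original thread), this script re-resolves the name from /etc/hosts and replaces the runtime forward-port rule when the address has changed, so a stale rule does not keep forwarding to an address that now belongs to another VM. The function names and the `FIREWALL_CMD` override are assumptions made for this example.

```bash
#!/usr/bin/env bash
# Added example, not from the original thread. Hypothetical names:
# lookup_ipv4, forward_rule, sync_forward, FIREWALL_CMD.

# Print the first IPv4 address mapped to NAME in a hosts-format file.
# Fails (status 1) when NAME has no dotted-quad entry.
lookup_ipv4() {  # lookup_ipv4 NAME [HOSTS_FILE]
  awk -v name="$1" '
    { sub(/#.*/, "") }                          # strip comments
    $1 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ {
      for (i = 2; i <= NF; i++)
        if ($i == name) { print $1; found = 1; exit }
    }
    END { exit !found }' "${2:-/etc/hosts}"
}

# Build the rule string in the form the question passes to firewall-cmd.
forward_rule() {  # forward_rule PORT PROTO TOPORT TOADDR
  printf 'port=%s:proto=%s:toport=%s:toaddr=%s' "$1" "$2" "$3" "$4"
}

# Re-resolve NAME and make the runtime rule match: drop forwards for the
# same port/proto/toport that point at another address, then add the
# current one if it is missing. On lookup failure the rules are untouched.
sync_forward() {  # sync_forward PORT PROTO TOPORT NAME [HOSTS_FILE]
  local fw="${FIREWALL_CMD:-firewall-cmd}" addr want prefix rule
  addr=$(lookup_ipv4 "$4" "${5:-/etc/hosts}") || {
    echo "no IPv4 entry for $4; forward rules left unchanged" >&2
    return 1
  }
  want=$(forward_rule "$1" "$2" "$3" "$addr")
  prefix=$(forward_rule "$1" "$2" "$3" "")
  for rule in $("$fw" --list-forward-ports); do
    case $rule in
      "$want") ;;                                # already current
      "$prefix"*) "$fw" --remove-forward-port="$rule" || return 1 ;;
    esac
  done
  "$fw" --query-forward-port="$want" >/dev/null ||
    "$fw" --add-forward-port="$want"
}

# Run from cron or a systemd timer after editing /etc/hosts, e.g.:
#   sync_forward 2222 tcp 22 example.com
```

Without `--permanent` these commands change only the runtime configuration, matching the command in the question.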