I'me trying to do the equivalent of
iptables -t nat -I POSTROUTING -p all -s 172.17.0.0/16 -j SNAT --to-source 5.6.7.8
in firewalld to allow docker to bind to the secondary IP on my NIC.
The closest I can work out it
firewall-cmd --permanent --direct --add-rule ipv4 nat POSTROUTING 0 -d 172.17.0.0/16 -p all -j SNAT --to 5.6.7.8
Which I modified from a post at https://forums.centos.org/viewtopic.php?t=71241 which gave
$ firewall-cmd --permanent --direct --add-rule ipv4 nat POSTROUTING 0 -d 10.x.x.x -p udp --dport 162 -j SNAT --to 10.x.x.204
As a solution to a slightly different question but not sure. Am I correct.
