On 2020-08-03 03:27, Jeffrey Ross wrote:
> (System Fedora 31)
>
> I'm looking to make routing decisions based upon either the source or destination TCP port and interface/destination IP, in the Cisco world I'd do this via policy based routing.
>
> I found an example using iptables https://www.sparksupport.com/blog/2010/10/02/application-based-routing-in-linux_port-based-routing/
>
> however this system is running firewalld and I haven't found an example (yet) using firewalld.
>
> Very specifically if I receive traffic on TCP port 1234 I do not want to use my system defined default gateway, rather I want to use an alternate gateway which will be via an OpenVPN tunnel. I would really like to go one step further and if it was received on port 1234 AND interface X then use gateway 1, if it was port 1234 and interface Y use gateway 2, not sure how far down the rabbit hole I can go. What I am trying to avoid is having an asymmetric routing condition when I have a firewall fronting the different interfaces.

I do not know if it is possible to do that currently with firewalld and rich rules. However, to get excellent help with firewalld I would suggest going to the dedicated mailing list.

List-Help: <mailto:firewalld-users-request@xxxxxxxxxxxxxxxxxxxxxx?subject=help>
List-Post: <mailto:firewalld-users@xxxxxxxxxxxxxxxxxxxxxx>
List-Subscribe: <mailto:firewalld-users-join@xxxxxxxxxxxxxxxxxxxxxx>
List-Unsubscribe: <mailto:firewalld-users-leave@xxxxxxxxxxxxxxxxxxxxxx>

--
The key to getting good answers is to ask good questions.