Suchen
SupportKonsoleEntwicklerDemo startenKontakt

Dieser Inhalt ist in der von Ihnen ausgewählten Sprache nicht verfügbar.

5.9. Port Forwarding

download PDF
Using firewalld, you can set up ports redirection so that any incoming traffic that reaches a certain port on your system is delivered to another internal port of your choice or to an external port on another machine.

5.9.1. Adding a Port to Redirect

Before you redirect traffic from one port to another port, or another address, you need to know three things: which port the packets arrive at, what protocol is used, and where you want to redirect them.
To redirect a port to another port: 
~]# firewall-cmd --add-forward-port=port=port-number:proto=tcp|udp|sctp|dccp:toport=port-number
To redirect a port to another port at a different IP address:
  1. Add the port to be forwarded: 
    ~]# firewall-cmd --add-forward-port=port=port-number:proto=tcp|udp:toport=port-number:toaddr=IP
  2. Enable masquerade: 
    ~]# firewall-cmd --add-masquerade

Example 5.1. Redirecting TCP Port 80 to Port 88 on the Same Machine

To redirect the port:
  1. Redirect the port 80 to port 88 for TCP traffic: 
    ~]# firewall-cmd --add-forward-port=port=80:proto=tcp:toport=88
  2. Make the new settings persistent: 
    ~]# firewall-cmd --runtime-to-permanent
  3. Check that the port is redirected: 
    ~]# firewall-cmd --list-all

5.9.2. Removing a Redirected Port

To remove a redirected port: 
~]# firewall-cmd --remove-forward-port=port=port-number:proto=<tcp|udp>:toport=port-number:toaddr=<IP>
To remove a forwarded port redirected to a different address:
  1. Remove the forwarded port: 
    ~]# firewall-cmd --remove-forward-port=port=port-number:proto=<tcp|udp>:toport=port-number:toaddr=<IP>
  2. Disable masquerade: 
    ~]# firewall-cmd --remove-masquerade

Note

Redirecting ports using this method only works for IPv4-based traffic. For IPv6 redirecting setup, you need to use rich rules. For more information, see Section 5.15, “Configuring Complex Firewall Rules with the "Rich Language" Syntax”.
To redirect to an external system, it is necessary to enable masquerading. For more information, see Section 5.10, “Configuring IP Address Masquerading”.

Example 5.2. Removing TCP Port 80 forwarded to Port 88 on the Same Machine

To remove the port redirection:
  1. List redirected ports: 
    ~]# firewall-cmd --list-forward-ports 
port=80:proto=tcp:toport=88:toaddr=
  2. Remove the redirected port from the firewall:: 
    ~]# firewall-cmd --remove-forward-port=port=80:proto=tcp:toport=88:toaddr=
  3. Make the new settings persistent: 
    ~]# firewall-cmd --runtime-to-permanent
Red Hat logoGithubRedditYoutubeTwitter

Lernen

Testen, kaufen und verkaufen

Communitys

Über Red Hat Dokumentation

Wir helfen Red Hat Benutzern, mit unseren Produkten und Diensten innovativ zu sein und ihre Ziele zu erreichen – mit Inhalten, denen sie vertrauen können.

Mehr Inklusion in Open Source

Red Hat hat sich verpflichtet, problematische Sprache in unserem Code, unserer Dokumentation und unseren Web-Eigenschaften zu ersetzen. Weitere Einzelheiten finden Sie in Red Hat Blog.

Über Red Hat

Wir liefern gehärtete Lösungen, die es Unternehmen leichter machen, plattform- und umgebungsübergreifend zu arbeiten, vom zentralen Rechenzentrum bis zum Netzwerkrand.

© 2024 Red Hat, Inc.