====== Firewalld ======

Another package to manage another package... welcome to new world ... :D\\
Anyway but server need to keep rolling !!


==== Replace firewalld with iptables ====
This is tested with the RHEL7
<code bash>
yum install -y iptables-services
iptables-save > /etc/sysconfig/iptables  # preserve existing rule
systemctl stop firewalld
systemctl mask firewalld
systemctl enable iptables
systemctl enable ip6tables
systemctl start iptables
systemctl start ip6tables
</code>

==== Adding rich rule ====

<code bash>
firewall-cmd --permanent --zone=public --add-rich-rule='
  rule family="ipv4"
  source address="192.168.12.0/25"
  port protocol="tcp" port="9200" accept'
</code>

==== Port redirection ====
Using following command one can redirect port traffic to another.
<code bash>
# iptables -t nat -A PREROUTING -i eth2 -p tcp --dport 8080 -j REDIRECT --to-port 8443
firewall-cmd --permanent --direct --add-rule ipv4 nat OUTPUT 0 -p tcp -o lo --dport 8080 -j REDIRECT --to-ports 8443
</code>