sudo firewall-cmd --permanent --add-rule ... sudo firewall-cmd --reload
sudo firewall-cmd --list-all
sudo firewall-cmd --permanent --remove-rule ... sudo firewall-cmd --reload
sudo firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="192.168.1.0/24" accept' sudo firewall-cmd --reload
# 追加 sudo firewall-cmd --permanent --direct --add-rule ipv4 nat OUTPUT 0 -p tcp -d 169.254.169.254/32 --dport 80 -j DNAT --to-destination 169.254.169.254:8111 sudo firewall-cmd --reload # 削除 sudo firewall-cmd --permanent --direct --remove-rule ipv4 nat OUTPUT 0 -p tcp -d 169.254.169.254/32 --dport 80 -j DNAT --to-destination 169.254.169.254:8111 sudo firewall-cmd --reload
sudo firewall-cmd --permanent --zone=public --add-rich-rule 'rule family="ipv4" destination address="169.254.169.254/32" forward-port port="80" protocol="tcp" to-port="8111" to-addr="169.254.169.254"'