1. 特定port轉到內部某ip的port
firewall-cmd --add-rich-rule="rule family=ipv4 forward-port port=8080 protocol=tcp to-port=8080 to-addr=192.168.1.1" --zone=public --permanent
2. 特定ip,特定port轉道內部某ip的port
firewall-cmd --add-rich-rule="rule family=ipv4 source address=x.x.x.x forward-port port=8080 protocol=tcp to-port=8080 to-addr=192.168.1.1" --zone=public --permanent