Policy local-route based on protocol and port
sudo ip rule add from 192.0.2.5 ipproto tcp sport 80 lookup 301 sudo ip rule add from 192.0.2.10 ipproto tcp dport 8080 lookup 302
Check:
vyos@r14# sudo ip rule show 0: from all lookup local 32763: from 192.0.2.10 ipproto tcp dport 8080 lookup 302 32764: from 192.0.2.5 ipproto tcp sport 80 lookup 301 32765: from all fwmark 0xc9 lookup 201 32766: from all lookup main 32767: from all lookup default [edit] vyos@r14#
Proposed CLI
set policy local-route rule 301 protocol tcp source-port 80 set policy local-route rule 302 protocol tcp destination-port 8080
Or use the following:
set policy local-route rule 301 protocol tcp set policy local-route rule 301 source|destination port xxx
The second option required migration of the current source to the source address
vyos@r14# set policy local-route rule 100 source Possible completions: <x.x.x.x> Address to match against <x.x.x.x/x> Prefix to match against