Firewalld - creating zone based on destination IP
I have a server with a single NIC, single interface, but multiple IPs.
I want to whitelist access to a port on the server but only on one of the IPs.
So with iptables I would do:
-A INPUT -p tcp -m tcp -d 18.104.22.168 --dport 12345 -j ACCEPT
and that would let me open that port but only on IP '22.214.171.124'.
How would I achieve the same with Firewalld? From my understanding Firewalld works based on interfaces.
I have tried:
firewall-cmd --zone=customzone --add-service=12345/tcp --set-destination=ipv4:126.96.36.199/32 --permanent
but that doesn't do it.