Firewalld not blocking incoming requests
Hello,
I use CentOS and just changed my firewalld settings to use the drop zone and allow incoming traffic only from some IP ranges. I think my setup is not correct, as I can still access my server from anywhere. What did I do wrong? My setup:
Code:
firewall-cmd --get-active-zones
drop
Code:
firewall-cmd --state
Code:
firewall-cmd --zone=drop --list-all
|
Try adding a rich rule to drop all other traffic
|
Do you mean adding the rule below at the end?
Code:
firewall-cmd --zone=drop --permanent --add-rich-rule='rule family="ipv4" source address="0.0.0.0/0" reject'
|
Yes, test that out and see if that's the behavior you want.
|
Unfortunately, if I add the reject rule it kills my accept rules and I cannot connect to the server :(
|
Now it seems I have found the solution. I removed all port entries and added only specific rich rules.
Now my config looks like this:
Code:
firewall-cmd --list-all
|
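Added example, not part of the original thread: a small Python check for the two problems the thread ran into, run over `firewall-cmd --zone=<zone> --list-all` output. It flags plain `services:`/`ports:` entries (these are open to every source that reaches the zone) and catch-all rich rules (firewalld evaluates reject/drop rich rules before accept rules, so a reject for 0.0.0.0/0 shadows the accepts). The sample output and the names `parse_zone` and `audit_zone` are constructed for illustration.

```python
import re

# Constructed sample of `firewall-cmd --zone=drop --list-all` output (not from the thread).
SAMPLE = """\
drop (active)
  target: DROP
  interfaces: eth0
  services: ssh
  ports: 80/tcp 443/tcp
  rich rules:
\trule family="ipv4" source address="203.0.113.0/24" port port="22" protocol="tcp" accept
\trule family="ipv4" source address="0.0.0.0/0" reject
"""

CATCH_ALL = {None, "0.0.0.0/0", "::/0"}  # a rule with no source element also matches any source

def parse_zone(text):
    """Extract services, ports and rich rules from --list-all output."""
    zone = {"services": [], "ports": [], "rich_rules": []}
    in_rules = False
    for raw in text.splitlines():
        line = raw.strip()
        if in_rules and line.startswith("rule"):
            zone["rich_rules"].append(line)
            continue
        key, sep, value = line.partition(":")
        in_rules = bool(sep) and key == "rich rules"
        if sep and key in ("services", "ports"):
            zone[key] = value.split()
    return zone

def audit_zone(text):
    """Return findings for entries that are not restricted to a source range."""
    zone = parse_zone(text)
    findings = [f"{kind[:-1]} {entry} is open to every source address"
                for kind in ("services", "ports") for entry in zone[kind]]
    for rule in zone["rich_rules"]:
        m = re.search(r'source address="([^"]+)"', rule)
        source = m.group(1) if m else None
        action = next((t for t in rule.split() if t in ("accept", "reject", "drop")), None)
        if source not in CATCH_ALL:
            continue  # rule is limited to a specific range
        if action == "accept":
            findings.append(f"rich rule accepts from any source: {rule}")
        elif action in ("reject", "drop"):
            findings.append(f"catch-all {action} is evaluated before accept rules: {rule}")
    return findings

if __name__ == "__main__":
    print("\n".join(audit_zone(SAMPLE)) or "no findings")
```

On a host, the same functions can be fed the real output, for example via `subprocess.run(["firewall-cmd", "--zone=drop", "--list-all"], capture_output=True, text=True).stdout`.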