firewalld block IP range but allow single IP
So I need the following.
allow 192.168.1.5 http
deny 192.168.1.0/24 http

So here is my firewalld command. Code:
firewall-cmd --zone=public --add-rich-rule 'rule family="ipv4" source address="192.168.1.5" service name="http" accept'
Have you tried only adding the first rule, without the second? I believe others are blocked by default, but don't quote me on this, as I haven't worked with firewalld.
That did it. I swear I had tried that before. Thanks.
OK, maybe this isn't solved.
I added a log rule; now everyone can access it. Here is my output: Code:
firewall-cmd --list-all
I removed all those rules and added this one:
rule family="ipv4" source address="192.168.1.5" service name="http" log prefix="httpd" level="info" limit value="1/m" accept
Now only 1.5 can get to the site, and it gets a log in /var/log/messages. I don't see any log for IPs other than 1.5. I need to log all requests to the web site.
Have you tried adding the logging rule after the access rule?
I would love to, but I have tried adding and removing them in different orders and they always end up like this:
rule family="ipv4" service name="http" log prefix="httpd" level="info" limit value="1/m" accept
rule family="ipv4" source address="192.168.1.5" service name="http" accept
This way everyone gets in and it gets logged. I tried adding the log with a drop instead of accept, but it blocks everyone again. I am going to remove the log rule and come back to this when I have time. Thanks lazydog for your help.
I couldn't resist; I had to try again.
This works:
firewall-cmd --zone=public --add-rich-rule 'rule family="ipv4" service name="http" log prefix="httpd" level="info" limit value="1/m"' --permanent
Removing accept seems to have fixed it.
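The configuration the thread converges on, written up as an added example (not the poster's commands): a log-only rich rule for all HTTP traffic plus an accept restricted to one source, with everything else left to the zone target. The script prints the firewall-cmd invocations for review and only applies them when invoked with --apply on a host that has firewall-cmd. The zone name "public", the host 192.168.1.5 and the log prefix "httpd" are taken from the thread; the check that the zone does not already enable the http service is added here, because a service rule would admit everyone before the rich rules are consulted. The ordering note in the comments (log, then deny, then accept when no priority is set) is what the poster's --list-all output shows and what firewalld documents for rich rules without an explicit priority.

```shell
#!/bin/sh
# Added example, not from the thread. Allow HTTP from one host, reject it for
# everyone else, and log every HTTP attempt, using firewalld rich rules.
# Assumed defaults (overridable through the environment): zone "public",
# allowed host 192.168.1.5, log prefix "httpd".
ZONE="${ZONE:-public}"
ALLOW_HOST="${ALLOW_HOST:-192.168.1.5}"
LOG_PREFIX="${LOG_PREFIX:-httpd}"

# Rich rule 1: log every IPv4 HTTP packet (rate limited) and fall through.
# Deliberately no action keyword: "log ... accept" with no source would accept
# the whole subnet, which is what broke the earlier attempt in the thread.
log_rule() {
    printf 'rule family="ipv4" service name="http" log prefix="%s" level="info" limit value="1/m"\n' \
        "${1:-$LOG_PREFIX}"
}

# Rich rule 2: accept HTTP only from the single allowed host. Other sources hit
# the zone target (REJECT for "public" by default), so no explicit drop for the
# /24 is needed. An explicit drop for the subnet would be sorted before the
# accept (firewalld orders rich rules log, deny, accept unless priorities are
# set) and would block the allowed host too.
accept_rule() {
    printf 'rule family="ipv4" source address="%s" service name="http" accept\n' \
        "${1:-$ALLOW_HOST}"
}

# Print the exact firewall-cmd invocations instead of running them.
firewalld_cmds() {
    printf "firewall-cmd --permanent --zone=%s --add-rich-rule '%s'\n" "$ZONE" "$(log_rule)"
    printf "firewall-cmd --permanent --zone=%s --add-rich-rule '%s'\n" "$ZONE" "$(accept_rule)"
    printf 'firewall-cmd --reload\n'
}

# Apply the rules on a real firewalld host. Refuses to proceed if the zone
# already allows the http service, since that rule would let everyone in
# regardless of the rich rules.
apply_rules() {
    if ! command -v firewall-cmd >/dev/null 2>&1; then
        echo "firewall-cmd not found; nothing applied" >&2
        return 1
    fi
    if firewall-cmd --zone="$ZONE" --list-services | grep -qw http; then
        echo "zone $ZONE already allows the http service; remove it first" >&2
        return 1
    fi
    firewall-cmd --permanent --zone="$ZONE" --add-rich-rule "$(log_rule)" &&
    firewall-cmd --permanent --zone="$ZONE" --add-rich-rule "$(accept_rule)" &&
    firewall-cmd --reload
}

case "${1:-}" in
    --apply) apply_rules ;;
    *)       firewalld_cmds ;;
esac
```

After applying, `firewall-cmd --zone=public --list-rich-rules` should show the log rule first and the source-restricted accept second, and `firewall-cmd --zone=public --list-services` must not include http. Log lines land in the kernel log (`journalctl -k` or /var/log/messages, depending on the distribution) with the prefix "httpd", for all sources, not just the allowed one.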