Inhaltsverzeichnis

Konfiguration von firewalld mit firewall-cmd

Blocken einzelner IP-Adressen oder Subnetze

firewall-cmd             --add-rich-rule="rule family='ipv4' source address='a.b.c.d' reject"
firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='a.b.c.d' reject"
firewall-cmd             --add-rich-rule="rule family='ipv4' source address='a.b.c.d/nm' reject"
firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='a.b.c.d/nm' reject"
firewall-cmd --list-rich-rules

Öffnen einzelner Ports

firewall-cmd             --zone=public --add-port=51820/udp
firewall-cmd --permanent --zone=public --add-port=51820/udp

Öffnen von Portbereichen

firewall-cmd             --zone=public --add-port=60000-60020/udp
firewall-cmd --permanent --zone=public --add-port=60000-60020/udp