拒绝该ip地址以外的icmp访问
firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source NOT address="xx.xx.xx.xx/28" protocol vaiue="icmp" reject'
只允许改地址访问
firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="xx.xx.xx.xx/29" accept'
添加端口
firewall-cmd --permanent --add-port="xxxx/upd"
firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="xx.xx.xx.xx" accept'
firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source NOT address="xx.xx.xx.xx/28" protocol vaiue="icmp" reject'
只允许改地址访问
firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="xx.xx.xx.xx/29" accept'
添加端口
firewall-cmd --permanent --add-port="xxxx/upd"
firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="xx.xx.xx.xx" accept'
文章来源: firewall 防火墙配置