firewall-cmd --add-rich-rule="rule family=ipv4 source address=1.1.1.1/24 accept"
My question: what if I want to add an IP range like 100.0.0.1-100.0.0.3, a relatively arbitrary range rather than a network like the one above?
With the original iptables this is simple:
iptables -A INPUT -p tcp -m iprange --src-range 100.0.0.1-100.0.0.3 --dport 1234 --sport 1024:65534 -j ACCEPT
With firewalld, does this now have to be added as three separate rich rules?
firewall-cmd --add-rich-rule="rule family=ipv4 source address=100.0.0.1 accept"
firewall-cmd --add-rich-rule="rule family=ipv4 source address=100.0.0.2 accept"
firewall-cmd --add-rich-rule="rule family=ipv4 source address=100.0.0.3 accept"
Is there a better way? Before, iptables needed only several hundred rules; after switching to firewalld they split into hundreds of thousands of rich rules.
CodePudding user response:
Address range aggregation, CIDR
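The aggregation suggested in the answer, as an added example that is not part of the original thread: it converts arbitrary start-end ranges into the smallest set of CIDR blocks and prints one rich rule per block. The function names and the extra sample ranges are constructed for illustration; the optional port element carries over the --dport 1234 match from the iptables rule in the question.

```python
import ipaddress

def range_to_cidrs(first, last):
    """Return the minimal list of CIDR networks covering first..last inclusive."""
    a, b = ipaddress.ip_address(first), ipaddress.ip_address(last)
    if a.version != b.version or a > b:
        raise ValueError(f"invalid range {first}-{last}")
    return list(ipaddress.summarize_address_range(a, b))

def aggregate(ranges):
    """Accept 'start-end' or single-address strings; merge adjacent blocks."""
    nets = []
    for item in ranges:
        first, _, last = item.partition("-")
        nets.extend(range_to_cidrs(first.strip(), (last or first).strip()))
    # collapse_addresses joins sibling and overlapping networks into supernets
    return list(ipaddress.collapse_addresses(nets))

def rich_rule_commands(nets, port=None, protocol="tcp"):
    """Build one firewall-cmd rich-rule command per aggregated network."""
    cmds = []
    for net in nets:
        rule = f'rule family="ipv{net.version}" source address="{net}"'
        if port is not None:
            rule += f' port port="{port}" protocol="{protocol}"'
        cmds.append(f"firewall-cmd --add-rich-rule='{rule} accept'")
    return cmds

if __name__ == "__main__":
    # The range from the question: three addresses become two CIDR blocks.
    for cmd in rich_rule_commands(range_to_cidrs("100.0.0.1", "100.0.0.3"), port=1234):
        print(cmd)
    # Constructed sample: neighbouring ranges collapse into a single /29.
    sample = ["100.0.0.1-100.0.0.3", "100.0.0.4-100.0.0.7", "100.0.0.0"]
    for cmd in rich_rule_commands(aggregate(sample), port=1234):
        print(cmd)
```

The saving grows with range size and alignment: a range that starts and ends on power-of-two boundaries becomes a single rule, while a badly aligned one still needs several blocks.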