firewall-cmd não bloqueia a porta especificada

1

Eu adicionei uma regra rica para bloquear conexões a um servidor DNS para testar outro processo e as capturas de pacote mostram que os pacotes enviados pelo endereço IP especificado pela regra rica a seguir ainda são aceitos.

block
  interfaces: 
  sources: 
  services: 
  ports: 
  masquerade: no
  forward-ports: 
  icmp-blocks: 
  rich rules: 

dmz
  interfaces: 
  sources: 
  services: ssh
  ports: 
  masquerade: no
  forward-ports: 
  icmp-blocks: 
  rich rules: 

drop
  interfaces: 
  sources: 
  services: 
  ports: 
  masquerade: no
  forward-ports: 
  icmp-blocks: 
  rich rules: 

external
  interfaces: 
  sources: 
  services: ssh
  ports: 
  masquerade: yes
  forward-ports: 
  icmp-blocks: 
  rich rules: 

home
  interfaces: 
  sources: 
  services: dhcpv6-client ipp-client samba-client ssh
  ports: 
  masquerade: no
  forward-ports: 
  icmp-blocks: 
  rich rules: 

internal
  interfaces: 
  sources: 
  services: dhcpv6-client ipp-client samba-client ssh
  ports: 
  masquerade: no
  forward-ports: 
  icmp-blocks: 
  rich rules: 

public (default, active)
  interfaces: eno16780032
  sources: 
  services: dhcpv6-client samba ssh
  ports: 
  masquerade: no
  forward-ports: 
  icmp-blocks: 
  rich rules: 
        rule family="ipv4" source address="10.7.6.11/32" drop
trusted
  interfaces: 
  sources: 
  services: 
  ports: 
  masquerade: no
  forward-ports: 
  icmp-blocks: 
  rich rules: 

work
  interfaces: 
  sources: 
  services: dhcpv6-client ipp-client ssh
  ports: 
  masquerade: no
  forward-ports: 
  icmp-blocks: 

regras ricas:

    
por Spitfire19 28.10.2016 / 22:29

0 respostas