首页
禁用某个IP为192.168.0.100的地址禁止访问80端口:
firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="192.168.0.100" port protocol="tcp" port="80" reject"
firewall-cmd --reload
解除刚才被限制的192.168.0.100
firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="192.168.0.200" port protocol="tcp" port="80" accept"
firewall-cmd --reload
限制IP地址段
firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="172.16.1.0/24" port protocol="tcp" port="80" reject"
firewall-cmd --reload
