I would like to enable SSH access but only for connections coming from 10.1.2.0/24.
I run:
firewall-cmd --permanent --zone=public --add-source=10.1.2.0/24
firewall-cmd --complete-reload
However SSH is still accessible from sources outside of 10.1.2.0/24.
Here is my public zone file:
Code: Select all
<?xml version="1.0" encoding="utf-8"?>
<zone>
<short>Public</short>
<description>For use in public areas. You do not trust the other computers on networks to not harm your computer. Only selected incoming connections are accepted.</description>
<source address="10.1.2.0/24"/>
<service name="dhcpv6-client"/>
<service name="ssh"/>
</zone>
Can anybody tell me why the above isn't working?
Thanks.