Code: Select all
firewall-cmd --permanent --new-ipset=netblock --type=hash:net --option=maxelem=1200000 --option=family=inet --option=hashsize=4096
Code: Select all
firewall-cmd --permanent --zone=drop --add-source=ipset:netblock
firewall-cmd --reload
Code: Select all
firewall-cmd --get-active-zones
drop
interfaces: nm-bond eno eno1 eno2
sources: ipset:netblock
Code: Select all
firewall-cmd --zone=drop --list-services
http ssh
firewall-cmd --zone=drop --permanent --list-ports
899/tcp 80/tcp 2023/tcp 8080/tcp
Code: Select all
sestatus
SELinux status: disabled