Firewalld Firewall (Part 2)
Allow AH authentication
firewall-cmd --zone=trusted --add-rich-rule='rule protocol value=ah accept'
Remove AH authentication
firewall-cmd --zone=trusted --remove-rich-rule='rule protocol value=ah accept'
Deny traffic from the 192.168.100.0/24 network in the DMZ zone
firewall-cmd --zone=dmz --add-rich-rule='rule family=ipv4 source address=192.168.100.0/24 drop'
Allow external-network traffic on ports 20 and 21
firewall-cmd --zone=external --add-rich-rule='rule family=ipv4 source address=192.168.200.0/24 port port=20-21 protocol=tcp accept'
Disable IP address masquerading on the system
firewall-cmd --remove-masquerade --zone=external
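
The commands above wrapped so they can be re-run safely, as an added example that is not part of the original page: each change is made only after firewall-cmd's own query options (--query-rich-rule, --query-masquerade) report the current state. The function names and the FWCMD variable are assumptions of this sketch.

```shell
#!/bin/sh
# Added example: apply the rules from this page idempotently.
# FWCMD is an assumption of this sketch so the script can be dry-run against a stub.
FWCMD="${FWCMD:-firewall-cmd}"

# Add a rich rule to a zone unless --query-rich-rule reports it is already there.
ensure_rich_rule() {            # usage: ensure_rich_rule ZONE 'RULE'
    if $FWCMD --zone="$1" --query-rich-rule="$2" >/dev/null 2>&1; then
        echo "present: [$1] $2"
    else
        $FWCMD --zone="$1" --add-rich-rule="$2" >/dev/null && echo "added: [$1] $2"
    fi
}

# Remove a rich rule from a zone only if it is currently set.
remove_rich_rule() {            # usage: remove_rich_rule ZONE 'RULE'
    if $FWCMD --zone="$1" --query-rich-rule="$2" >/dev/null 2>&1; then
        $FWCMD --zone="$1" --remove-rich-rule="$2" >/dev/null && echo "removed: [$1] $2"
    else
        echo "absent: [$1] $2"
    fi
}

# Turn masquerading off in a zone only if it is on.
disable_masquerade() {          # usage: disable_masquerade ZONE
    if $FWCMD --zone="$1" --query-masquerade >/dev/null 2>&1; then
        $FWCMD --zone="$1" --remove-masquerade >/dev/null && echo "masquerade off: [$1]"
    else
        echo "masquerade already off: [$1]"
    fi
}

# The page's rules in one pass. Rule text is quoted with plain ASCII quotes:
# typographic quotes are not shell quoting and split the rule into several arguments.
apply_page_rules() {
    ensure_rich_rule trusted 'rule protocol value=ah accept'
    ensure_rich_rule dmz 'rule family=ipv4 source address=192.168.100.0/24 drop'
    ensure_rich_rule external 'rule family=ipv4 source address=192.168.200.0/24 port port=20-21 protocol=tcp accept'
    disable_masquerade external
}

# Run only when asked, e.g. `sh script.sh apply` as root; changes are runtime-only
# unless saved with `firewall-cmd --runtime-to-permanent`.
if [ "${1:-}" = "apply" ]; then apply_page_rules; fi
```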