Learning RHEL Networking

by Andrew Mallett
June 2015
Intermediate to advanced
216 pages
4h 48m
English
Packt Publishing
Content preview from Learning RHEL Networking

Using rich rules

The firewalld rich language lets an administrator configure more complex firewall rules without knowing the iptables syntax. Such rules can include logging and matching on the source address.

To add a rule that allows NTP connections in the default zone, while logging those connections through the audit subsystem at no more than 1 per minute, use the following command:

# firewall-cmd --permanent \
--add-rich-rule='rule service name="ntp" audit limit value="1/m" accept'
# firewall-cmd --reload

Similarly, we can add a rule that allows access to the squid service from one subnet only (provided squid is not also enabled as a plain service in the zone, which admits every source):

# firewall-cmd --permanent \
--add-rich-rule='rule family="ipv4" source address="192.166.0.0/24" service name="squid" accept'
# firewall-cmd --reload
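
One way to confirm that a service is reachable only from the intended sources, as an added example that is not from the book: the function below classifies a service from the output of `firewall-cmd --list-services` and `firewall-cmd --list-rich-rules`. The helper name and the sample listings are constructed for illustration, and it assumes the zone keeps its default target, so unmatched traffic is rejected.

```shell
#!/bin/sh
# Added example (not from the book): report how a service is exposed in a
# firewalld zone. service_exposure is a hypothetical helper name.
#   $1 service name
#   $2 output of: firewall-cmd --list-services
#   $3 output of: firewall-cmd --list-rich-rules
service_exposure() {
    svc=$1 services=$2 rules=$3

    # A plain service entry in the zone admits every source address,
    # regardless of any rich rule that names a subnet.
    for s in $services; do
        if [ "$s" = "$svc" ]; then echo "open-to-all"; return 0; fi
    done

    # Rich rules that accept this service (one rule per line).
    matched=$(printf '%s\n' "$rules" |
        grep -F "service name=\"$svc\"" | grep -E ' accept( |$)' || true)
    if [ -z "$matched" ]; then echo "closed"; return 0; fi

    # An accept rule with no source address element also admits everyone.
    # Assumption: other source forms (NOT, mac, ipset) land here as well,
    # so they are flagged for manual review rather than trusted.
    if printf '%s\n' "$matched" | grep -qv 'source address="'; then
        echo "open-to-all"; return 0
    fi

    # Every accept rule is tied to a source: list the permitted networks.
    srcs=$(printf '%s\n' "$matched" |
        sed -n 's/.*source address="\([^"]*\)".*/\1/p' | sort -u | tr '\n' ' ')
    echo "restricted: ${srcs% }"
}

# Constructed sample listings matching the two rules on this page.
SAMPLE_SERVICES="dhcpv6-client ssh"
SAMPLE_RULES='rule service name="ntp" audit limit value="1/m" accept
rule family="ipv4" source address="192.166.0.0/24" service name="squid" accept'

for svc_name in squid ntp http; do
    printf '%s: %s\n' "$svc_name" \
        "$(service_exposure "$svc_name" "$SAMPLE_SERVICES" "$SAMPLE_RULES")"
done

# On a live host (run as root):
#   service_exposure squid "$(firewall-cmd --list-services)" \
#       "$(firewall-cmd --list-rich-rules)"
```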

From the ...

Publisher Resources

ISBN: 9781785287831