February 2020
Intermediate to advanced
666 pages
15h 45m
English
Content preview from Mastering Linux Security and Hardening - Second Edition
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Using firewalld rich language rules
What we've looked at so far might be all you'll ever need for general use scenarios, but for more granular control, you'll want to know about rich language rules. (Yes, that really is what they're called.)
Compared to iptables rules, rich language rules are a bit less cryptic and are closer to plain English. So, if you're new to the business of writing firewall rules, you might find rich language a bit easier to learn. On the other hand, if you're already used to writing iptables rules, you might find some elements of the rich language a bit quirky. Let's look at one example:
sudo firewall-cmd --add-rich-rule='rule family="ipv4" source address="200.192.0.0/24" service name="http" drop'
Here, we're adding ...