Given an IP address, how can I prevent any connection both to and from that IP? If there are multiple methods, please describe the pros and cons of each.
I've found a lot of contradictory and confusing information about this online and in the documentation.
Thanks for any help!
I was wondering if someone can point me in the right direction with this one:
When I start up the openconnect server (ocserv) on my server
automatically, I can't seem to connect from the client ("Failed to
connect to host", "Failed to open HTTPS connection"). It does work,
though, when I either start or restart ocserv when the server has
already been running, or when I disable firewalld from loading.
This is on a pretty normal Fedora 20 server (ocserv 0.8.4), which uses
the standalone ocserv.service (i.e. not socket-activated). Firewalld
has a permanent rule to open port 445.
The systemd serialization looks good to me: firewalld.service
completes before the network.target that ocserv.service depends on.
PS: Please CC me for replies.