On 06/10/2015 12:31 PM, Anton Matta wrote:
Hi,

I read man firewalld.richlanguage really focused and searched some webpages, and I really don't know how to restrict ssh with systemd, like from 2 sources OK, others not OK?

a.b.c.d > ssh  OK
b.c.d.a > ssh OK
x.x.x.x (everyone else) > REJECT, DROP, whatever.

Do you have any ideas? Thanks for your reply. m.


_______________________________________________
firewalld-users mailing list
firewalld-users@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/firewalld-users

Hi Anton.

This is how I did it:

firewall-cmd --zone=THE-ZONE-YOU-WANT --remove-service=ssh [ENTER]
firewall-cmd --zone=THE-ZONE-YOU-WANT --remove-service=ssh --permanent [ENTER]
firewall-cmd --add-rich-rule='rule family="ipv4" source address="a.b.c.d" service name="ssh" log prefix="ssh" level="info" limit value="1/m" accept' [ENTER]
firewall-cmd --add-rich-rule='rule family="ipv4" source address="a.b.c.d" service name="ssh" log prefix="ssh" level="info" limit value="1/m" accept' --permanent [ENTER]

Hope that helps.

--

Sincerely,

=========================
Ing. Jonathan J. Ramirez C.
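
A sketch covering both sources from the question, as an added example that is not part of the original thread. It assumes the zone is `public` and uses the documentation addresses 192.0.2.10 and 198.51.100.20 as constructed stand-ins for a.b.c.d and b.c.d.a; the function names are hypothetical. It prints the firewall-cmd commands and runs them only when APPLY=1.

```shell
#!/bin/sh
# Added example: limit ssh to listed sources with firewalld rich rules.
# Prints the commands by default; set APPLY=1 to execute them (as root).

# Build the rich rule for one source. A ':' in the address selects ipv6.
ssh_rule() {
    case "$1" in
        *:*) fam=ipv6 ;;
        *)   fam=ipv4 ;;
    esac
    printf 'rule family="%s" source address="%s" service name="ssh" accept' "$fam" "$1"
}

# Print the command (quoting arguments that contain spaces); run it if APPLY=1.
run() {
    line=
    for a in "$@"; do
        case "$a" in
            *' '*) line="$line '$a'" ;;
            *)     line="$line $a" ;;
        esac
    done
    printf '%s\n' "${line# }"
    if [ "${APPLY:-0}" = 1 ]; then "$@"; fi
}

# restrict_ssh ZONE SOURCE...
restrict_ssh() {
    zone=$1; shift
    # Only the permanent configuration is edited here; the accept rules and
    # the removal of the general ssh service take effect together at --reload.
    for src in "$@"; do
        run firewall-cmd --permanent --zone="$zone" --add-rich-rule="$(ssh_rule "$src")"
    done
    run firewall-cmd --permanent --zone="$zone" --remove-service=ssh
    run firewall-cmd --reload
    run firewall-cmd --zone="$zone" --list-rich-rules
}

# Constructed sample values: zone "public" and two documentation addresses.
restrict_ssh public 192.0.2.10 198.51.100.20
```

With the ssh service removed from the zone, any source without a matching rich rule falls through to the zone's default target.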