Hello, This is the default firewalld configuration [root@localhost ~]# firewall-cmd --list-all public interfaces: eth0 services: mdns dhcpv6-client ssh ports: forward-ports: icmp-blocks: I initiate a ping from another box to a Fedora 18 beta. Ping is successful. While ping is active,I modify the firewalld to block icmp [root@localhost ~]# firewall-cmd --list-all public interfaces: eth0 services: mdns dhcpv6-client ssh ports: forward-ports: icmp-blocks: echo-reply echo-request I go back and check the terminal from where I initiated the ping. I could see ping is still successful. I expect to see it fail So I stop the ping process and then restart it. Now I see ping fails with the "Destination Host Prohibited" message which is expected When you compare it with old static firewall, the moment you add a similar rule, icmp request is stopped iptables -A OUTPUT -p icmp --icmp-type echo-request -j DROP How do you stop/block a existing active connection using firewalld ? Is there a way, you can block a specific ip address [I do not see any option to block] Best regards Ranjith PS: learning firewalld using https://fedoraproject.org/wiki/FirewallD.