Hello,
How can I block IP range or entire country on CentOS 7 with FirewallD? The IP range starts with 180.76.15.* and is Chinese IP.
The command below works for single IP but not for range:
firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='180.76.15.154' reject"
I tried with this command for the range but without success:
firewall-cmd --permanent --add-rich-rule=“rule family=‘ipv4’ source address=‘180.76.15/24’ reject”
Cheers
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Click below to sign up and get $100 of credit to try our products over 60 days!
I think the correct command is:
Pay attention to highlighted part
Yeah, I have an idea, why not utilize “UFW” or iptables (conntrack allows the user to log access).
dnf install ufw -y systemctl enable --now ufw systemctl start --now ufw
ufw enable
iptables
This comment has been deleted
You have to reload firewalld after adding a permanent rule.
The command is not working, I run the command and reload my firewall for the changes to take effect, but unfortunately the 180.76.15* still have access to my site. Any other ideas?
Thank you xMudrii,
This command is executed successfully. Lets see if it works and the Chinese visitors from 180.76.15* will not have access to the site anymore.
Cheers, Ivo