cancel
Showing results for 
Search instead for 
Did you mean: 
john_ng
Cadet
Cadet
  • 1,697 Views

Content of RH254 Red Hat System Administration III

In RH254 Red Hat System Administration III

Section 4.4: Practice: Writing Custom Rules

2.a. Permanently create the new firewall rule

[student@serverX ~]$ sudo firewall-cmd --permanent --add-rich-rule='rule family=ipv4 source address=172.25.X.10/32 service name="http" log level=notice prefix="NEW HTTP " limit value="3/s" accept'

 

Should it be /24 instead of /32 ?

 

Thanks. 

Labels (1)
0 Kudos
2 Replies
harpreetsingh
Flight Engineer Flight Engineer
Flight Engineer
  • 1,677 Views

According to this demonstration, to set rich rule in firewall, this is for a specific host so that's why  /32 is used.

address=172.25.X.10/32

If you want to apply the same rule for specific subnet then you can go with /24 or an appropriate CIDR accordingly.

address=172.25.X.0/24
0 Kudos
Jayadev
Flight Engineer Flight Engineer
Flight Engineer
  • 1,655 Views

@john_ng 

I see the rule is correct in its present form. It should be 32 for a host (desktopX in this case).

Thanks,

Jayadev

0 Kudos
Join the discussion
You must log in to join this conversation.