john_ng

Cadet
03-22-2019
02:48 AM
Content of RH254 Red Hat System Administration III
In RH254 Red Hat System Administration III
Section 4.4: Practice: Writing Custom Rules
2.a. Permanently create the new firewall rule
[student@serverX ~]$ sudo firewall-cmd --permanent --add-rich-rule='rule family=ipv4 source address=172.25.X.10/32 service name="http" log level=notice prefix="NEW HTTP " limit value="3/s" accept'
Should it be /24 instead of /32?
Thanks.
2 Replies


Flight Engineer
03-23-2019
06:18 AM
According to this demonstration of setting a rich rule in the firewall, this is for a specific host, so that's why /32 is used.
address=172.25.X.10/32
If you want to apply the same rule to a specific subnet, then you can go with /24 or an appropriate CIDR accordingly.
address=172.25.X.0/24
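
The difference between the two prefixes in this reply, as an added example that is not part of the original thread or the course material: a POSIX shell check of which source addresses fall inside 172.25.X.10/32 versus 172.25.X.0/24. It substitutes 0 for X as a constructed value; `ip_to_int` and `cidr_match` are hypothetical helper names, and the script only models the address comparison, it does not call firewalld.

```shell
#!/bin/sh
# Added example: which source addresses a /32 and a /24 prefix select.
# 172.25.0.x is a constructed stand-in for the course's 172.25.X.x lab network.

# Convert a dotted-quad IPv4 address to a 32-bit integer (fails on bad input).
ip_to_int() (
    set -f          # no globbing while splitting
    IFS=.
    set -- $1
    [ $# -eq 4 ] || exit 1
    for o in "$@"; do
        # Reject empty, non-numeric and leading-zero (octal-looking) octets.
        case $o in ''|*[!0-9]*|0[0-9]*) exit 1 ;; esac
        [ "$o" -le 255 ] || exit 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

# Return 0 if address $1 is inside network $2 (addr/prefix), 1 if not,
# 2 on malformed input. An address without a prefix is treated as /32.
cidr_match() (
    addr=$1 net=${2%/*} bits=${2#*/}
    case $2 in */*) ;; *) bits=32 ;; esac
    case $bits in ''|*[!0-9]*) exit 2 ;; esac
    [ "$bits" -le 32 ] || exit 2
    a=$(ip_to_int "$addr") || exit 2
    n=$(ip_to_int "$net") || exit 2
    # Keep only the top $bits bits; /0 means an all-zero mask.
    if [ "$bits" -eq 0 ]; then
        mask=0
    else
        mask=$(( (0xFFFFFFFF << (32 - $bits)) & 0xFFFFFFFF ))
    fi
    [ $(( $a & $mask )) -eq $(( $n & $mask )) ]
)

# Constructed sample sources compared against the host rule and the subnet rule.
for src in 172.25.0.10 172.25.0.11 172.25.1.10; do
    for rule in 172.25.0.10/32 172.25.0.0/24; do
        if cidr_match "$src" "$rule"; then r="match"; else r="no match"; fi
        printf '%-12s vs %-15s %s\n' "$src" "$rule" "$r"
    done
done
```

Only 172.25.0.10 matches the /32 form, while every 172.25.0.x source matches the /24 form, so widening the prefix widens who the `accept` applies to.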


Flight Engineer
03-25-2019
01:30 AM
I see the rule is correct in its present form. It should be 32 for a host (desktopX in this case).
Thanks,
Jayadev