cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
john_ng
Cadet
Cadet
‎03-22-2019 02:48 AM
  • 1,694 Views

Content of RH254 Red Hat System Administration III

In RH254 Red Hat System Administration III

Section 4.4: Practice: Writing Custom Rules

2.a. Permanently create the new firewall rule

[student@serverX ~]$ sudo firewall-cmd --permanent --add-rich-rule='rule family=ipv4 source address=172.25.X.10/32 service name="http" log level=notice prefix="NEW HTTP " limit value="3/s" accept'

 

Should it be /24 instead of /32 ?

 

Thanks. 

Labels (1)
Labels
0 Kudos
Join the discussion
2 Replies
harpreetsingh
Flight Engineer Flight Engineer
Flight Engineer
‎03-23-2019 06:18 AM
  • 1,674 Views

According to this demonstration, to set rich rule in firewall, this is for a specific host so that's why  /32 is used.

address=172.25.X.10/32

If you want to apply the same rule for specific subnet then you can go with /24 or an appropriate CIDR accordingly.

address=172.25.X.0/24
0 Kudos
Jayadev
Flight Engineer Flight Engineer
Flight Engineer
‎03-25-2019 01:30 AM
  • 1,652 Views

@john_ng 

I see the rule is correct in its present form. It should be 32 for a host (desktopX in this case).

Thanks,

Jayadev

0 Kudos
Join the discussion
You must log in to join this conversation.
Red Hat Learning Community

Red Hat

Learning Community

A collaborative learning environment, enabling open source skill development.

Red Hat Inc. Copyright ?2024 Red Hat, Inc. Privacy policy Terms of use