我有centos 7。我试图阻止从服务器到特定IP地址的所有出站流量,但firewalld不会阻止流量。这就是我所做的:
[root@server network-scripts]# firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: ens192
sources:
services: dhcpv6-client ssh
ports:
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
rule family="ipv4" destination address="134.223.116.100" drop
[root@server network-scripts]# firewall-cmd --get-active-zones
public
interfaces: ens192
[root@server network-scripts]# firewall-cmd --state
running
但我仍然可以curl到ip地址,那么有什么问题吗?
[root@server network-scripts]# curl 134.223.116.100
<HTML><HEAD>
<TITLE>Access Denied</TITLE>