OS type and version
Debian Linux 11
When I add a whole subnet to my FirewallD rules
sudo firewall-cmd --add-rich-rule='rule family=ipv4 source address=220.127.116.11/24 port port=0-65535 protocol=tcp reject'
all rules with ‘/number’ disappear after I restart the webmin server.
Does anybody have a solution for this?
February 28, 2023, 1:06pm
I haven’t had to mess with this yet so your post got me curious.
Save active runtime configuration and overwrite permanent configuration with it. The way this is supposed to work is that when configuring firewalld you do runtime changes only and once you’re happy with the configuration and you tested that it works the way you want, you save the configuration to disk.
February 28, 2023, 5:36pm
Or you can just add --permanent to the end of the command. Don’t forget to do a
to reload the changed configuration.
Tested & approved!
You are fantastic. Thank you guys. Solved my problem with the --permanent option after the command.
If you are interested, these are the subnets I block at the moment:
Life is much calmer now. If you want to know what’s hitting your ports at the moment you can tail, for example, your mail.log with
sudo tail -f /var/log/mail.log
It is quite a revelation …
Take care: any mail server coming out of these IP ranges can also no longer send mail to your domains.
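The thread's root cause is that rules added without --permanent live only in the runtime configuration. The following is an added example, not part of any post above: a small POSIX shell check that lists rich rules present at runtime but missing from the permanent configuration, which are the ones that disappear on a reload or restart. The function name, the `--live` switch and the sample rules (documentation address ranges) are constructed for illustration, and the exact-line comparison assumes firewalld prints a rule identically in both listings.

```shell
#!/bin/sh
# Added example: find firewalld rich rules that exist only in the runtime
# configuration and would be lost on "firewall-cmd --reload" or a restart.

# runtime_only_rules RUNTIME_LIST PERMANENT_LIST
# Prints each non-empty line of RUNTIME_LIST that is not an exact line
# of PERMANENT_LIST (fixed-string, whole-line match).
runtime_only_rules() {
    printf '%s\n' "$1" | while IFS= read -r rule; do
        [ -n "$rule" ] || continue
        printf '%s\n' "$2" | grep -Fxq -e "$rule" || printf '%s\n' "$rule"
    done
}

# Constructed sample listings (RFC 5737 documentation ranges), used unless
# the script is started with --live.
SAMPLE_RUNTIME='rule family="ipv4" source address="192.0.2.0/24" port port="0-65535" protocol="tcp" reject
rule family="ipv4" source address="198.51.100.0/24" port port="0-65535" protocol="tcp" reject'
SAMPLE_PERMANENT='rule family="ipv4" source address="198.51.100.0/24" port port="0-65535" protocol="tcp" reject'

if [ "${1:-}" = "--live" ]; then
    # Query the running firewalld (default zone); run as root.
    runtime_only_rules \
        "$(firewall-cmd --list-rich-rules)" \
        "$(firewall-cmd --permanent --list-rich-rules)"
else
    runtime_only_rules "$SAMPLE_RUNTIME" "$SAMPLE_PERMANENT"
fi

# Every rule printed above is runtime-only. To keep it, either re-add it
# with --permanent and reload, or save the whole runtime state with
# "firewall-cmd --runtime-to-permanent".
```

An empty result from the `--live` run means every runtime rich rule in the default zone is also stored permanently.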