No Deny / IP Address / IP Range Options in FirewallD

See exact same question Whitelist IP in FirewallD - Webmin - Virtualmin Community

I’ve got the same problem - does no one know if there is a way to get around this limitation?

you could try this from the command line

firewall-cmd --permanent --add-rich-rule=“rule family=‘ipv4’ source address=‘<ip>/24’ reject”

to block an ip range

firewall-cmd --permanent --add-rich-rule=“rule family=‘ipv4’ source address=‘<ip>’ reject”

to block a single ip

to whitelist you could use

firewall-cmd --permanent --add-source=<ip>


firewall-cmd --permanent --add-source=<ip>/24

but your right I don’t see a way in the gui to add rules like this, but I’m sure someone else will have an idea where
further reading An Introduction to Firewalld

It’s really, really, DEEPLY buried in the software.

Go to the virtual server you want to block the IP’s from getting to.

Then go to Services/Configure Website/ and down towards the bottom you will see a path to your public_html folder for that virtua server. Click on that link.

Then a new window will open and on the top row about the 3rd icon over you’ll see Access Control. Click that.

Down towards the bottom of that window, you’ll see a Restrict Access Section.

Below that where it says Allow, change that to Deny.
Next to that where it says All request, change that to either Request from IP and enter the IP number or you can choose request from host and enter a range.

There’s a number of different settings to block with in that panel.

1 Like