I am having a problem, with dropping traffic using FirewallD.

I start a continuous ping from host1.example.com (192.0.2.101) to host2.example.com (192.0.2.102), and when I execute either of the below commands on host2:

firewall-cmd -q --permanent --add-rich-rule="rule family='ipv4' source address=192.0.2.102 reject"

or

firewall-cmd --permanent --zone=drop --add-source=192.0.2.102

then reload the firewall using one of the below commands:

firewall-cmd --reload
firewall-cmd --complete-reload
systemctl restart firewalld

the continuous ping started from host1 to host2 does not drop. The only time FirewallD on host2 will drop ICMP traffic from host1 is when I kill the ping process and restart it.

I believe I am having the same issue as discussed on Why firewalld doesn't apply my drop rule?, however, none of those answers were able to help me resolve my issue.

Sasha
  • Hi @Sasha, which zone is currently applied to the interfaces on both machines? – Christopher H Aug 11 '20 at 21:46
  • Hey @christopher-h, thanks for the suggested edit and your question. One of the machines, where I am pinging from, is irrelevant as it can be any source (of pinging or attack). On the target machine, where I am trying to properly configure FirewallD, I tried to use different zones, including the drop zone, but unfortunately it never kills the current ongoing pinging (or attack) session. – Sasha Aug 11 '20 at 22:33

0 Answers