Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation

  • Comments
  • Not able to block a website using firewall-cmd rich-rules

    Posted on

    $ firewall-cmd --zone=public --list-all
    public (default, active)
    interfaces: eth0 tun0
    sources:
    services: dhcpv6-client openvpn ssh
    ports: 1194/tcp 1194/udp
    masquerade: no
    forward-ports:
    icmp-blocks:
    rich rules:
    rule family="ipv4" source address="63.236.0.247" drop
    rule family="ipv4" source address="63.236.0.239" drop
    rule family="ipv4" source address="63.236.0.233" drop
    rule family="ipv4" source address="63.236.2.233" drop
    rule family="ipv4" source address="63.236.0.249" drop
    rule family="ipv4" source address="63.236.0.248" drop

    $ wget 89.com
    wget 89.com
    --2015-07-23 10:33:21-- http://89.com/
    Resolving 89.com (89.com)... 63.236.2.233
    Connecting to 89.com (89.com)|63.236.2.233|:80... connected.
    HTTP request sent, awaiting response... 302 Found
    Location: http://www.89.com/ [following]
    --2015-07-23 10:33:23-- http://www.89.com/
    Resolving www.89.com (www.89.com)... 63.236.0.239, 63.236.0.247, 63.236.0.248, ...
    Connecting to www.89.com (www.89.com)|63.236.0.239|:80... connected.
    HTTP request sent, awaiting response... 200 OK
    Length: unspecified [text/html]
    Saving to: 'index.html'

    [ <=> ] 56,282 77.5KB/s in 0.7s

    2015-07-23 10:33:25 (77.5 KB/s) - 'index.html' saved [56282]

    I hope to be able to block this website but wget succeeds.

    by

    points

    Responses

    Red Hat

    Quick Links

    Help

    Site Info

    Related Sites

    © 2025 Red Hat, Inc.