Centos7 firewall-cmd 允許特定網路回應ICMP

Centos7 想要做到允許特定的IP才可以ping到我的機器，本次會使用firewall-cmd防火牆工具做到。

#啟用firewalld防火牆工具

systemctl start firewalld

systemctl enable firewalld

systemctl status firewalld

#禁止所有ping回應

firewall-cmd --permanent --add-icmp-block-inversion  

firewall-cmd --reload #重新載入

#只允許192.168.50.30 ping回應

firewall-cmd --permanent --add-rich-rule='rule family=ipv4 source address="192.168.50.30" icmp-type name="echo-request" accept'  # 允許192.168.50.30 ping

firewall-cmd --reload #重新載入