Sometimes we find that there are IPs that always attack our server. Whether attacking on the most common SSH port, attacking DNS Ports, Web, and so on. To stop attacks from these IPs, there are various ways, one of which is using Firewalld. Firewalld is a built-in Firewall from Centos 7 which functions to protect our server on the Network side. Especially network traffic entering / leaving the server.
Here are some commands that can be used in Firewalld
1. Block the Incoming IP so that it cannot access the server
firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='x.x.x.x' reject"
2. Block the internal port so that it cannot be accessed from the outside.
firewall-cmd --remove-port=port-number/<tcp | udp>
3. Allow IP to access the server
firewall-cmd --permanent --zone=public --add-source=x.x.x.x
4. Allow Port to be accessible from outside
firewall-cmd --permanent --add-port=portnumber/tcp --zone=public
After the command is run, don't forget to reload the firewalldfirewall-cmd --reload