Block and Allow Port/IP using Firewalld on CentOS

Sometimes certain IPs attack our server repeatedly, whether on the common SSH port, DNS ports, web ports, and so on. There are various ways to stop attacks from these IPs, one of which is Firewalld. Firewalld is the built-in firewall in CentOS 7, and it protects our server on the network side, in particular the network traffic entering and leaving the server.



Here are some commands that can be used in Firewalld



1. Block an incoming IP so that it cannot access the server


firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='x.x.x.x' reject"




2. Block an internal port so that it cannot be accessed from outside


firewall-cmd --permanent --remove-port=port-number/<tcp | udp>




3. Allow an IP to access the server (this binds the source to the public zone, so the IP gets whatever access that zone allows)


firewall-cmd --permanent --zone=public --add-source=x.x.x.x




4. Allow Port so that it can be accessed from outside


firewall-cmd --permanent --add-port=portnumber/tcp --zone=public 




After running the commands, don't forget to reload firewalld so that the permanent rules take effect


firewall-cmd --reload
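
Added example (not part of the original article): a small POSIX shell helper that validates a source address before placing it in the rich rule from step 1, then adds the rule, reloads and confirms it is active. It goes beyond the article's IPv4-only rule by also choosing family='ipv6' and accepting CIDR blocks. The function names addr_family, reject_rule and block_source are hypothetical.

```sh
#!/bin/sh
# Added example. Function names are hypothetical; firewall-cmd options are real.

# Print "ipv4" or "ipv6" for an address or CIDR block; fail on anything else.
addr_family() (
    full=$1 addr=${1%%/*}
    case $addr in
        ''|*[!0-9A-Fa-f:.]*) exit 1 ;;   # no quotes, spaces or shell metacharacters
        *:*) family=ipv6 max=128 ;;      # loose check; firewalld parses it fully
        *.*.*.*.*) exit 1 ;;
        *.*.*.*)
            family=ipv4 max=32
            IFS=.; set -- $addr          # split into octets (subshell keeps IFS local)
            [ $# -eq 4 ] || exit 1
            for octet in "$@"; do
                case $octet in ''|*[!0-9]*|????*) exit 1 ;; esac
                [ "$octet" -le 255 ] || exit 1
            done ;;
        *) exit 1 ;;
    esac
    case $full in
        */*) prefix=${full#*/}
             case $prefix in ''|*[!0-9]*|????*) exit 1 ;; esac
             [ "$prefix" -le "$max" ] || exit 1 ;;
    esac
    echo "$family"
)

# Print the rich rule text for rejecting a source, in the form used in step 1.
reject_rule() (
    family=$(addr_family "$1") || { echo "invalid address: $1" >&2; exit 1; }
    printf "rule family='%s' source address='%s' reject\n" "$family" "$1"
)

# Add the rule permanently, reload, then confirm it is in the runtime config.
# Run as root, e.g.: block_source 203.0.113.7   (constructed sample address)
block_source() (
    rule=$(reject_rule "$1") || exit 1
    firewall-cmd --permanent --add-rich-rule="$rule" &&
        firewall-cmd --reload &&
        firewall-cmd --query-rich-rule="$rule"
)
```

The final --query-rich-rule call prints yes or no and sets the exit status accordingly, so a rule that was saved but never reloaded is caught.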
