我有以下内容(省略了多个空条目):
$ sudo firewall-cmd --list-all-zones
block
target: %%REJECT%%
icmp-block-inversion: no
masquerade: no
dmz
target: default
icmp-block-inversion: no
services: ssh
masquerade: no
drop
target: DROP
icmp-block-inversion: no
masquerade: no
external
target: default
icmp-block-inversion: no
services: ssh
masquerade: yes
home
target: default
icmp-block-inversion: no
services: ssh mdns samba-client dhcpv6-client
masquerade: no
internal
target: default
icmp-block-inversion: no
services: ssh mdns samba-client dhcpv6-client
masquerade: no
public (active)
target: default
icmp-block-inversion: no
interfaces: enp2s0
services: dhcpv6-client https ssh
ports: 50036/tcp
masquerade: no
trusted
target: ACCEPT
icmp-block-inversion: no
masquerade: no
rich rules:
rule family="ipv4" source address="myip1" service name="ssh" accept
rule family="ipv4" source address="myip2" service name="ssh" accept
rule family="ipv4" source address="myip3" service name="ssh" accept
work
target: default
icmp-block-inversion: no
services: ssh dhcpv6-client
masquerade: no
如果我做
firewall-cmd --zone=public --remove-service=ssh --permanent
那么我能访问我的服务器吗?我对这个trusted区域没有任何来源并且没有标记这一事实感到困惑active。为什么我只有一个区域处于活动状态。
我也没有看到timeout选项服务删除命令。