In firewalld, an added rule is active but cannot be listed

Adding a rule on a CentOS Linux 7 machine

[root@localhost ~]# sudo firewall-cmd --direct --add-rule ipv4 filter OUTPUT 0 -d 8.8.8.8/32 -j REJECT

success

The rule works as expected

[root@localhost ~]# ping -c 2 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
From 192.168.122.50 icmp_seq=1 Destination Port Unreachable
ping: sendmsg: Operation not permitted
From 192.168.122.50 icmp_seq=2 Destination Port Unreachable
ping: sendmsg: Operation not permitted

But it does not show up in the list

[root@localhost ~]# firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: eth0
  sources: 
  services: dhcpv6-client ssh
  ports: 
  protocols: 
  masquerade: no
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules: 
