Using Firewall-cmd to create address specific restrictions in centos 7
I searched for the answer but I found many questions related to my own without answers.
After much study, I came around with a workaround. Here is what i did
I Added the interface to the public zone
then
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --permanent --zone=public --add-service=https
sudo firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="x.x.x.x/x" service name="ssh" log prefix="ssh" level="info" accept'
sudo firewall-cmd --reload
Note: The source address could be a range. Just specify the network mask
Since ssh wasn't added for the public zone, it will be blocked by default. The rich rule will enable it for only that source ip.
Any better solution please add.
Related videos on Youtube
pjanecze
Updated on September 18, 2022Comments
-
pjanecze almost 2 years
I am learning solidity and want to create a contract that will lock token for Uniswap LP. What I've created is:
- List item
- on token creation I am creating uniswap pair with that token
- I am creating a Timelock for token amount assigned to creator address
- now on release() method I would like to automatically add liquidity with eth value that has been sent and token that was locked
Problem here is that to add LP to uniswap token needs to be approved and from what I see the only way to approve token is to first send this token to creator address.
Is it possible to make it automatic so that we don't need to trust contract creator to add LP after it has been released to him?
-
Alejo JM over 9 yearsnice job, from your answer i get work this one with ip address firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="X.X.X.X" port port="81" protocol="tcp" accept' firewall-cmd --reload
-
MadHatter over 8 yearsThanks to @oranix for pointing out the missing
=
. -
pjanecze over 3 yearsThanks for answer, basically I've found that approve is not a problem because contract creator can do it by himself before doing release() on time lock contract. What I would like to do is to automatically send token and eth to LP pair when calling release(). Do you think it is possible?
-
Mikko Ohtamaa over 3 yearsI do not see why it is not possible. You can program any kind of smart contracts you want, only imagination is your limit.