Add range of IPs to a firewalld zone

Question

I'm struggling with the syntax for the following.

If I want to add a single IP to a zone, I do this:

firewall-cmd --zone=drop --add-source=134.119.193.63

But, how would I add 134.119.xxx.xxx?

Thanks

score 1 · Accepted Answer · answered Jul 24 '19 at 23:04

1

You can specify IP address ranges by CIDR.

--add-source=134.119.0.0/16

answered Jul 24 '19 at 23:04

Michael Hampton

Thanks, partly understand how that works. I'm not actually familiar with subnets and CIDR, its a gap in my knowledge. I assume that because each block is 8 bits, setting it to `/16` and the last two blocks to `.0.0` like that, means its basically a wildcard? – Pickledegg Jul 25 '19 at 07:58
1

@Pickledegg That's about right. You should learn CIDR as soon as possible; it's something you'll need frequently in IT. Our own [canonical Q&A](https://serverfault.com/q/49765/126632) might make a good starting point. – Michael Hampton Jul 25 '19 at 16:53

1 Answers1