Recently I needed to block one computer (a VMware CentOS 6 virtual machine, actually) from accessing the Internet. I added a rich rule to the firewall's public zone thus:

[root@taylor16 ken]# firewall-cmd --add-rich-rule="rule family='ipv4' source address='10.42.0.217' drop" --zone=public
If I try to access something on the Internet from that machine, however:

[ken@localhost Desktop]$ ping www.centos.org
PING www.centos.org (85.12.30.226) 56(84) bytes of data.
64 bytes from 85.12.30.226: icmp_seq=1 ttl=49 time=116 ms
64 bytes from 85.12.30.226: icmp_seq=2 ttl=49 time=116 ms
[ken@localhost Desktop]$ traceroute www.centos.org
traceroute to www.centos.org (85.12.30.226), 30 hops max, 60 byte packets
1 10.42.0.1 (10.42.0.1) 0.934 ms 0.723 ms 0.549 ms
2 10.8.0.1 (10.8.0.1) 33.423 ms 35.287 ms 37.089 ms
3 v32.ce02.wdc-01.us.leaseweb.net (192.96.203.93) 39.211 ms v32.ce01.wdc-01.us.leaseweb.net (192.96.203.92) 40.329 ms 42.044 ms
4 be-7.br02.wdc-01.us.leaseweb.net (108.59.15.112) 44.416 ms ae-3.br01.wdc-01.us.leaseweb.net (108.59.15.120) 45.558 ms ae-2.br01.wdc-01.us.leaseweb.net (108.59.15.118) 48.195 ms
5 38.88.128.61 (38.88.128.61) 49.989 ms 38.88.128.9 (38.88.128.9) 51.917 ms 53.695 ms
6 be2323.ccr41.iad02.atlas.cogentco.com (154.54.44.1) 55.838 ms 56.296 ms 57.881 ms
7 be3084.ccr42.dca01.atlas.cogentco.com (154.54.30.65) 60.397 ms be3083.ccr41.dca01.atlas.cogentco.com (154.54.30.53) 36.736 ms 37.664 ms
8 be2806.ccr41.jfk02.atlas.cogentco.com (154.54.40.105) 42.676 ms be2807.ccr42.jfk02.atlas.cogentco.com (154.54.40.109) 42.263 ms be2806.ccr41.jfk02.atlas.cogentco.com (154.54.40.105) 43.258 ms
9 be2317.ccr41.lon13.atlas.cogentco.com (154.54.30.186) 110.198 ms be2490.ccr42.lon13.atlas.cogentco.com (154.54.42.86) 117.465 ms be2317.ccr41.lon13.atlas.cogentco.com (154.54.30.186) 112.105 ms
10 be12488.ccr42.ams03.atlas.cogentco.com (130.117.51.42) 126.665 ms 130.938 ms be12194.ccr41.ams03.atlas.cogentco.com (154.54.56.94) 127.347 ms
11 be2440.agr21.ams03.atlas.cogentco.com (130.117.50.6) 124.980 ms be2434.agr21.ams03.atlas.cogentco.com (130.117.2.241) 136.011 ms 131.904 ms
12 xe-7-2.rt1.ams3.baseip.com (149.6.128.198) 143.074 ms 137.450 ms 145.718 ms
13 xe-1-1.rt1.ams1.baseip.com (91.148.255.65) 143.739 ms 143.595 ms 139.939 ms
14 85.12.30.226 (85.12.30.226) 138.046 ms !X 135.625 ms !X 141.284 ms !X
If the firewall drops all packets from the blacklisted IP address/computer, how does the computer access DNS on the firewall box, and how does it pass traffic through the firewall box to the Internet? I am confused. Can someone suggest a way to block one computer from the Internet?
TIA,
Ken
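A firewalld rich rule only governs traffic that enters the host through an interface (or from a source range) bound to that zone, so the first thing to check after adding a rule to `public` is which zone actually owns the interface the VM's packets arrive on. The following is an added example, not code from the post above: it parses constructed `firewall-cmd --get-active-zones` and `--list-rich-rules` output (the interface name `vmnet8` and the `trusted` zone binding are assumptions for illustration) and reports whether the drop rule for 10.42.0.217 sits in the zone that sees the VM's traffic.

```python
import ipaddress
import re

# Constructed sample of `firewall-cmd --get-active-zones` output. Assumption:
# the VM's packets enter the host via vmnet8, which is bound to `trusted`.
ACTIVE_ZONES_OUTPUT = """\
public
  interfaces: eth0
trusted
  interfaces: vmnet8
"""

# Constructed sample of `firewall-cmd --zone=<zone> --list-rich-rules`;
# firewalld echoes rules back with double quotes.
RICH_RULES = {
    "public": ['rule family="ipv4" source address="10.42.0.217" drop'],
    "trusted": [],
}

RULE_RE = re.compile(r'source address="([^"]+)".*\b(drop|reject|accept)\b')


def parse_active_zones(text):
    """Map each listed interface to the zone it is bound to."""
    iface_zone, zone = {}, None
    for line in text.splitlines():
        if not line.startswith(" "):
            zone = line.strip()
        elif line.strip().startswith("interfaces:"):
            for iface in line.split(":", 1)[1].split():
                iface_zone[iface] = zone
    return iface_zone


def drop_rule_covers(rules, addr):
    """True if some rich rule in `rules` drops or rejects traffic from `addr`."""
    ip = ipaddress.ip_address(addr)
    for rule in rules:
        m = RULE_RE.search(rule)
        if m and m.group(2) in ("drop", "reject") \
                and ip in ipaddress.ip_network(m.group(1), strict=False):
            return True
    return False


def check_block(iface, addr, zones_text=ACTIVE_ZONES_OUTPUT, rules=RICH_RULES):
    """Return (zone owning iface, whether that zone drops addr).
    zone is None when iface is not in any active zone: it then falls into
    the default zone (see `firewall-cmd --get-default-zone`)."""
    zone = parse_active_zones(zones_text).get(iface)
    if zone is None:
        return (None, False)
    return (zone, drop_rule_covers(rules.get(zone, []), addr))
```

Run against real output by substituting the captured text of the two firewall-cmd calls; a result like `("trusted", False)` means the rule was added to a zone the VM's traffic never passes through.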