Question: How tp add a rule using firewall-cmd to drop/reject specific IP connecting to the server? This can be used as an added security on the server.
firewall-cmd is the most common method of managing firewalld configurations (both running as well as permanent). This tool is a part of the firewalld package.
1. Create new rule to drop specific IP connecting on the server.
# firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='xx.xx.xx.xx/xx' drop"
2. Reload firewall-cmd
# firewall-cmd --reload
3. Check new rules.
# firewall-cmd --list-all
Remove the Rule
To remove new created rule:
# firewall-cmd --permanent --remove-rich-rule="rule family='ipv4' source address='xx.xx.xx.xx/xx' drop"