firewalld 設定

# 阻擋特定來源 IP 位址

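# Reject all IPv4 traffic from the x.x.x.x/24 source range (x.x.x.x is a
# placeholder). No --zone is given, so the rule is written to the default zone.
firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='x.x.x.x/24' reject"
# --permanent only edits the saved configuration; the running firewall does not
# enforce the rule until it is reloaded. A reload discards runtime-only changes.
firewall-cmd --reload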

解除阻擋特定來源 IP 位址

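# Remove the block on x.x.x.x/24. The rule text must match the rule that was
# added exactly, including the /24 prefix; a mismatched address removes nothing
# and the block stays in place.
firewall-cmd --permanent --remove-rich-rule="rule family='ipv4' source address='x.x.x.x/24' reject"
# Apply the saved configuration to the running firewall.
firewall-cmd --reload
# Confirm the rule is gone from the active rule set.
firewall-cmd --list-rich-rules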

reject：禁止特定 IP 連線 SSH（22 埠）服務

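# Reject connections to the 'ssh' service from x.x.x.x/24 in the public zone.
# The rule only affects traffic that firewalld assigns to that zone.
firewall-cmd --permanent --zone=public --add-rich-rule="rule family='ipv4' source address='x.x.x.x/24' service name='ssh' reject"
# --permanent only edits the saved configuration; reload to enforce the rule.
firewall-cmd --reload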

accept：允許特定 IP 連線 SSH（22 埠）服務

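# Accept 22/tcp from x.x.x.x/24 in the public zone.
# Fixes the misspelled 'procotol' keyword, which firewalld rejects as an
# invalid rule, and quotes the values consistently.
# Caveats:
#  - With default priorities, firewalld evaluates reject/drop rich rules before
#    accept rules in the same zone, so a matching reject rule for this source
#    must be removed first or it wins.
#  - This rule does not restrict other sources by itself: if the zone already
#    allows the ssh service for everyone, SSH stays open to everyone.
firewall-cmd --permanent --zone=public --add-rich-rule="rule family='ipv4' source address='x.x.x.x/24' port port='22' protocol='tcp' accept"
# --permanent only edits the saved configuration; reload to enforce the rule.
firewall-cmd --reload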