Firewalld on 20.04 question

David Fletcher dave at thefletchers.net
Thu Jul 13 17:54:43 UTC 2023


On Thu, 2023-07-13 at 13:02 -0400, Jerry Geis wrote:
> I have set the firewall to drop "many" address - seems to work EXCEPT
> for this address
> 
> 
>  bash -x ./firewall_redo.sh 
> + firewall-cmd --zone=drop --add-source=204.186.234.0/24
> Warning: ZONE_ALREADY_SET: '204.186.234.0/24' already bound to 'drop'
> success
> + firewall-cmd --zone=drop --add-source=204.186.234.238
> Warning: ZONE_ALREADY_SET: '204.186.234.238' already bound to 'drop'
> success

Apparently the address 204.186.234.238

belongs to the network 204.186.234.236/30

NOT 204.186.234.0/24

according to https://ipinfo.io/

so you're probably overlapping another range that you've already set.
I've just tried adding the /30 range to my own iptables setup and it
accepts it no problem.

My first thought was to try to be a funny smartass by suggesting that
because it apparently belongs to "Holy Redeemer High School" it might
just be divine intervention but then I took another look!

Hope that sorts it out for you.

Dave




More information about the ubuntu-users mailing list