How to block outside IP addresses with firewalld on CentOS 7
There are situations were specific IP addresses or ranges may need to be blocked. In my case I have SIP hackers trying to brute force a publicly exposed Asterisk server. I don’t have control over the exterior gateway or firewalls between the server and public internet. So in this case I have to specifically block access to a single host.
From Asterisk:
[Aug 15 14:13:33] NOTICE[20986]: chan_sip.c:26214 handle_request_register: Registration from ‘”3292″ <sip:3292@64.56.135.10>’ failed for ‘195.154.188.25:5170’ – Wrong password
Goals of this Post:
- Instruct firewalld to ‘drop’ all connection attempts from a single host