1. OpenSSL
通过防火墙规避
登录服务器,启用防火墙(注意:该操作可能导致业务中断,需同时配置业务端口放通配置保障业务可用)
Systemctl start firewalld
2、添加仅允许192.168.100.0/22段访问22端口策略:
firewall-cmd --permanent --zone=public --add-rich-rule="rule family="ipv4" source address="192.168.100.0/22" port port="22" protocol="tcp" accept"
firewall-cmd --zone=public --remove-service=ssh –permanent
firewall-cmd --zone=public --remove-port=22/tcp --permanent
3、防火墙配置生效:
firewall-cmd –reload
标签:网络安全,zone,22,--,cmd,firewall,系统漏洞,Linux,port From: https://www.cnblogs.com/pujinhong/p/17999076