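By default, firewalld matches blacklist (reject) rules first.
Rule priority can be set with the priority attribute of a rich rule. If it is omitted, every rule has priority 0. The valid range is -32767 to 32767, and a rule with a lower value is evaluated earlier.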
```bash
# For example:
[root@blog ~]# firewall-cmd --add-rich-rule='rule priority="-100" family="ipv4" source address="13.17.12.210" port port="22" protocol="tcp" accept'
success
```
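
The ordering described above, modeled in Python as an added example (not code from the original page or from firewalld): priority-0 rich rules are walked deny before allow, and a negative priority moves a rule ahead of them. The RichRule class, the helper names and the 13.17.12.0/24 reject rule are constructed for illustration; firewalld leaves the order of equal-priority rules undefined, so the model keeps input order for them.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class RichRule:              # hypothetical model of a rich rule, not a firewalld API
    source: str              # IPv4 address or CIDR
    port: int
    action: str              # "accept", "reject" or "drop"
    priority: int = 0        # firewalld default when priority is omitted


# For priority-0 rules the deny chain is walked before the allow chain.
_ACTION_RANK = {"reject": 0, "drop": 0, "accept": 1}


def evaluation_order(rules):
    """Sort rules by priority; at priority 0, deny actions come before accept."""
    def key(rule):
        rank = _ACTION_RANK[rule.action] if rule.priority == 0 else 0
        return (rule.priority, rank)
    return sorted(rules, key=key)


def verdict(rules, src, port):
    """Return the action of the first matching rule, or None if nothing matches."""
    addr = ipaddress.ip_address(src)
    for rule in evaluation_order(rules):
        net = ipaddress.ip_network(rule.source, strict=False)
        if addr in net and port == rule.port:
            return rule.action
    return None


# Constructed sample rules; only 13.17.12.210 and priority -100 come from the page.
BLOCK_SUBNET = RichRule("13.17.12.0/24", 22, "reject")
ALLOW_DEFAULT = RichRule("13.17.12.210", 22, "accept")
ALLOW_EARLY = RichRule("13.17.12.210", 22, "accept", priority=-100)

if __name__ == "__main__":
    # Both at priority 0: the reject rule is matched first.
    print(verdict([ALLOW_DEFAULT, BLOCK_SUBNET], "13.17.12.210", 22))
    # Accept at priority -100: it is matched before the reject rule.
    print(verdict([ALLOW_EARLY, BLOCK_SUBNET], "13.17.12.210", 22))
```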