Agregué una regla enriquecida para bloquear conexiones a un servidor DNS para probar otro proceso y las capturas de paquetes muestran que los paquetes enviados por la dirección IP especificada por la siguiente regla enriquecida aún se aceptan.
block
interfaces:
sources:
services:
ports:
masquerade: no
forward-ports:
icmp-blocks:
rich rules:
dmz
interfaces:
sources:
services: ssh
ports:
masquerade: no
forward-ports:
icmp-blocks:
rich rules:
drop
interfaces:
sources:
services:
ports:
masquerade: no
forward-ports:
icmp-blocks:
rich rules:
external
interfaces:
sources:
services: ssh
ports:
masquerade: yes
forward-ports:
icmp-blocks:
rich rules:
home
interfaces:
sources:
services: dhcpv6-client ipp-client samba-client ssh
ports:
masquerade: no
forward-ports:
icmp-blocks:
rich rules:
internal
interfaces:
sources:
services: dhcpv6-client ipp-client samba-client ssh
ports:
masquerade: no
forward-ports:
icmp-blocks:
rich rules:
public (default, active)
interfaces: eno16780032
sources:
services: dhcpv6-client samba ssh
ports:
masquerade: no
forward-ports:
icmp-blocks:
rich rules:
rule family="ipv4" source address="10.7.6.11/32" drop
trusted
interfaces:
sources:
services:
ports:
masquerade: no
forward-ports:
icmp-blocks:
rich rules:
work
interfaces:
sources:
services: dhcpv6-client ipp-client ssh
ports:
masquerade: no
forward-ports:
icmp-blocks:
rich rules: