1. iptables

① Back up /etc/sysconfig/iptables

cp /etc/sysconfig/iptables /etc/sysconfig/iptables_bak`date +%y%m%d`

② Edit /etc/sysconfig/iptables

## Comment out the default rule that allows ping from all IP addresses
#-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
## Allow ping from specific addresses
-A INPUT -p icmp -m icmp -s 11.16.21.10/32 --icmp-type 8 -j ACCEPT
-A INPUT -p icmp -m icmp -s 11.16.21.11/32 --icmp-type 8 -j ACCEPT
-A INPUT -p icmp -m icmp -s 11.16.21.12/32 --icmp-type 8 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j DROP

③ Restart iptables

systemctl restart iptables
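
The check below is an added example, not part of the original page: it replays iptables' first-match order over a rules file and reports what happens to an echo-request from a given source, so an unrestricted ACCEPT left above the allowlist is caught before the restart. `ping_verdict` and `sample_rules` are hypothetical helper names, the 192.0.2.50 address is constructed, and the evaluator assumes it only needs to consider `-p icmp` rules with /32 (or no) source.

```shell
#!/bin/sh
# ping_verdict FILE SRC
# Print the target (ACCEPT, DROP, ...) of the first INPUT rule in FILE that
# matches an ICMP echo-request from SRC, or NO-MATCH if none does.
# Assumption of this example: only "-p icmp" rules and /32 sources are handled.
ping_verdict() {
    awk -v src="$2" '
        # Commented-out rules begin with "#", so $1 is never "-A" for them.
        $1 == "-A" && $2 == "INPUT" {
            proto = ""; itype = ""; rule_src = ""; target = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-p")          proto    = $(i + 1)
                if ($i == "--icmp-type") itype    = $(i + 1)
                if ($i == "-s")          rule_src = $(i + 1)
                if ($i == "-j")          target   = $(i + 1)
            }
            if (proto != "icmp") next
            # A rule without --icmp-type matches every ICMP type, ping included.
            if (itype != "" && itype != "8" && itype != "echo-request") next
            sub(/\/32$/, "", rule_src)
            if (rule_src == "" || rule_src == src) { print target; found = 1; exit }
        }
        END { if (!found) print "NO-MATCH" }
    ' "$1"
}

# Constructed sample input: the rules from step 2 inside a minimal filter table.
sample_rules() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
#-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -p icmp -m icmp -s 11.16.21.10/32 --icmp-type 8 -j ACCEPT
-A INPUT -p icmp -m icmp -s 11.16.21.11/32 --icmp-type 8 -j ACCEPT
-A INPUT -p icmp -m icmp -s 11.16.21.12/32 --icmp-type 8 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j DROP
COMMIT
EOF
}

# Demo: one allowed source and one outside source against the sample file.
tmp=$(mktemp)
sample_rules > "$tmp"
for ip in 11.16.21.10 192.0.2.50; do
    echo "$ip -> $(ping_verdict "$tmp" "$ip")"
done
rm -f "$tmp"
```

On a real host, point `ping_verdict` at /etc/sysconfig/iptables after editing it; any verdict other than DROP for an address outside the allowlist means an earlier rule is still letting ping through.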

2. firewalld

① Run the following commands on the command line

firewall-cmd --permanent --add-icmp-block-inversion
firewall-cmd --permanent --add-rich-rule='rule family=ipv4 source address="11.16.21.10/32" icmp-type name="echo-request" accept'
firewall-cmd --permanent --add-rich-rule='rule family=ipv4 source address="11.16.21.11/32" icmp-type name="echo-request" accept'
firewall-cmd --permanent --add-rich-rule='rule family=ipv4 source address="11.16.21.12/32" icmp-type name="echo-request" accept'

② Restart the firewall

systemctl restart firewalld

会当凌绝顶