修改public.xml 文件。 不要去考虑修改 ssh.xml文件, 一直在思考修改ssh.xml文件,是不行的。
vi /etc/firewalld/zones/public.xml
<?xml version="1.0" encoding="utf-8"?>
<zone>
<short>Public</short>
<description>For use in public areas. You do not trust the other computers on networks to not harm your computer. Only selected incoming connections are accepted.</description>
<service name="dhcpv6-client"/>
<rule family="ipv4">
<source address="10.0.0.0/23"/>
<service name="ssh"/>
<accept/>
</rule>
<rule family="ipv4">
<source address="172.16.0.0/23"/>
<service name="ssh"/>
<accept/>
</rule>
<masquerade/>
</zone>
