Allowing only specific IP addresses to ping through the Linux firewall

1. iptables

① Back up /etc/sysconfig/iptables

cp /etc/sysconfig/iptables /etc/sysconfig/iptables_bak`date +%y%m%d`

② Edit /etc/sysconfig/iptables

## Comment out the default rule that allows ping from any IP address
#-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
## Allow ping from specific addresses
-A INPUT -p icmp -m icmp -s 11.16.21.10/32 --icmp-type 8 -j ACCEPT
-A INPUT -p icmp -m icmp -s 11.16.21.11/32 --icmp-type 8 -j ACCEPT
-A INPUT -p icmp -m icmp -s 11.16.21.12/32 --icmp-type 8 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j DROP

③ Restart iptables

systemctl restart iptables
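
The order of the lines in step ② matters: an allow line placed after the DROP never matches, and a leftover allow-all line before it defeats the list. The following is an added example, not part of the original post, that audits a ruleset for both mistakes; the function name check_ping_rules and the sample ruleset are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): audit the ICMP echo-request rules
# of an iptables-save style ruleset read from stdin.
# Returns 0 only if every allowed source is listed before a catch-all DROP/REJECT
# and no unrestricted ACCEPT precedes it. Only "-A INPUT ... -p icmp" lines are examined.
check_ping_rules() {
    awk '
    /^[ \t]*#/ || !/-A INPUT / || !/-p icmp( |$)/ { next }   # skip comments and unrelated rules
    {
        src = ""; target = ""; type = "any"
        for (i = 1; i < NF; i++) {
            if ($i == "-s" || $i == "--source") src = $(i + 1)
            if ($i == "-j") target = $(i + 1)
            if ($i == "--icmp-type") type = $(i + 1)
        }
        # A rule without --icmp-type matches every ICMP type, echo-request included.
        if (type != "any" && type != "8" && type != "echo-request") next
        if (dropped) {
            if (target == "ACCEPT" && src != "") { print "FAIL: " src " is listed after the DROP and never matches"; bad = 1 }
        } else if (target == "ACCEPT" && src == "") {
            print "FAIL: line " NR " accepts ping from any address"; bad = 1
        } else if (target == "ACCEPT") {
            print "allow " src; allowed++
        } else if ((target == "DROP" || target == "REJECT") && src == "") {
            dropped = 1
        }
    }
    END {
        if (!dropped) { print "FAIL: no catch-all DROP for echo-request"; bad = 1 }
        if (!allowed) { print "FAIL: no source address is allowed"; bad = 1 }
        exit bad + 0
    }'
}

# Constructed sample: step ② applied, but the default allow-all rule left active.
check_ping_rules <<'EOF' || echo "ruleset does not enforce the allowlist"
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -p icmp -m icmp -s 11.16.21.10/32 --icmp-type 8 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j DROP
EOF
```

To check the real file before restarting the service, run check_ping_rules < /etc/sysconfig/iptables.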

2. firewalld

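① Run the following commands on the command line (--add-icmp-block-inversion inverts the zone's ICMP block list: entries in the list are accepted and every other ICMP type is rejected)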

firewall-cmd --permanent --add-icmp-block-inversion
firewall-cmd --permanent --add-rich-rule='rule family=ipv4 source address="11.16.21.10/32" icmp-type name="echo-request" accept'
firewall-cmd --permanent --add-rich-rule='rule family=ipv4 source address="11.16.21.11/32" icmp-type name="echo-request" accept'
firewall-cmd --permanent --add-rich-rule='rule family=ipv4 source address="11.16.21.12/32" icmp-type name="echo-request" accept'

② Restart the firewall

systemctl restart firewalld