firewall-cmd

Available Commands

General

--state display the status
--reload reload firewall rules from zone files, all runtime changes are lost
--permanent store a change persistently

Zones

--get-default-zone show the name of the default/active zone
--set-default-zone set the name of the default zone, always permanent
--get-zones show available zones
--get-active-zones show the active zone and assigned interfaces
--list-all show all settings for a zone
--list-all-zones show the settings for all available zones
--zone specifies the name of the zone to work on (empty = default)

Services

--get-services show predefined services
--list-services show services for zone
--add-service add service to zone
--remove-service remove service from zone
--query-service query presence of service

Ports

--list-ports list network ports
--add-port add port or port range to zone
--remove-port remove port or port range from zone
--query-port query presence of port

Network Connections

--list-interfaces list network connections assigned to zone
--add-interface add network connection to zone
--change-interface change network connection to zone
--remove-interface remove network connection from zone

IP Sources

--list-sources show IP sources assigned to zone
--add-source add IP source to zone
--change-source change IP source to zone
--remove-source remove IP source from zone