To verify the status of the firewall service
$ sudo firewall-cmd --state
To check all the available zones in firewalld
$ sudo firewall-cmd --get-zones
To find out which is the default zone
$ sudo firewall-cmd --get-default-zone
To find a list of active zones and associated network interfaces
$ sudo firewall-cmd --get-active-zones
To find out if there are any rules listed in the active public zone
$ sudo firewall-cmd --list-all --zone="public"
To list the full configuration of every zone
$ sudo firewall-cmd --list-all-zones
To list all the available services in firewalld
$ sudo firewall-cmd --get-services
To add an existing service to the default zone (runtime only; the change is lost on reload or restart)
$ sudo firewall-cmd --add-service=https
To add a service permanently (takes effect after the next reload)
$ sudo firewall-cmd --permanent --add-service=https
To reload the firewall (applies the permanent configuration and discards runtime-only changes)
$ sudo firewall-cmd --reload
To migrate runtime settings to permanent
$ sudo firewall-cmd --runtime-to-permanent
To open a port in the public zone (runtime only; add --permanent and reload to persist)
$ sudo firewall-cmd --zone=public --add-port=<port_number>/udp
$ sudo firewall-cmd --zone=public --add-port=<port_number>/tcp
$ sudo firewall-cmd --zone=public --add-port=53/udp
$ sudo firewall-cmd --zone=public --add-port=53/tcp
To list open ports in firewalld
$ sudo firewall-cmd --list-ports
To display help options
$ firewall-cmd --help
To close or remove a port (use --permanent so the reload does not restore it from the saved configuration)
$ sudo firewall-cmd --permanent --remove-port=5432/tcp
$ sudo firewall-cmd --reload
To list all rules
$ sudo firewall-cmd --list-all
To allow access to port 5432 only from IP 192.168.122.200 (reload afterwards to apply; port 5432 must not also be open zone-wide via --add-port)
$ sudo firewall-cmd --permanent --zone=public --add-rich-rule 'rule family="ipv4" source address="192.168.122.200" port port=5432 protocol=tcp accept'
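The commands above change either the runtime or the permanent configuration, and the two can drift apart. The following is an added example, not part of the original post: a shell sketch that reports ports and services present in only one of the two. The function names, the script's `--live` argument and the sample lists are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: report drift between firewalld's runtime and permanent config.

# drift RUNTIME PERMANENT
# Each argument is a whitespace-separated list in the form printed by
# `firewall-cmd --list-ports` or `--list-services`.
drift() {
    runtime=$(echo $1)      # unquoted on purpose: collapse whitespace/newlines
    permanent=$(echo $2)
    for item in $runtime; do
        case " $permanent " in
            *" $item "*) ;;
            *) echo "runtime-only $item" ;;    # gone after --reload or reboot
        esac
    done
    for item in $permanent; do
        case " $runtime " in
            *" $item "*) ;;
            *) echo "permanent-only $item" ;;  # not enforced until --reload
        esac
    done
}

# check_zone ZONE: query a live firewalld (run as root) for ports and services.
check_zone() {
    zone=$1
    for kind in ports services; do
        rt=$(firewall-cmd --zone="$zone" --list-"$kind")
        pm=$(firewall-cmd --permanent --zone="$zone" --list-"$kind")
        drift "$rt" "$pm"
    done
}

# "--live" is this script's own (hypothetical) switch, not a firewall-cmd option.
if [ "${1:-}" = "--live" ]; then
    check_zone "${2:-public}"
else
    # Constructed sample: 8080/tcp was opened without --permanent, and
    # 5432/tcp was added with --permanent but the firewall was not reloaded.
    drift "53/udp 53/tcp 8080/tcp" "53/udp 53/tcp 5432/tcp"
fi
```

Runtime-only entries can be saved with --runtime-to-permanent if they are intended; permanent-only entries become active after --reload.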
regards,
T.Dhanasekar