firewall-cmd is the command-line client of the firewalld daemon.
To verify the status of the firewall service $ sudo firewall-cmd --state
To check all the available zones in firewalld $ sudo firewall-cmd --get-zones
To find out which is the default zone $ sudo firewall-cmd --get-default-zone
To find a list of active zones and associated network interfaces $ sudo firewall-cmd --get-active-zones
To find out if there are any rules listed in the active public zone $ sudo firewall-cmd --list-all --zone="public"
To list the full configuration of every zone $ sudo firewall-cmd --list-all-zones
To list all the available services in firewalld $ sudo firewall-cmd --get-services
To add an existing service to the default zone (runtime only; the change is lost on reload or restart) $ sudo firewall-cmd --add-service=https
To add a service permanently $ sudo firewall-cmd --permanent --add-service=https
To reload the firewall $ sudo firewall-cmd --reload
To migrate runtime settings to permanent $ sudo firewall-cmd --runtime-to-permanent
To open a port in the public zone
$ sudo firewall-cmd --zone=public --add-port=<port_number>/udp
$ sudo firewall-cmd --zone=public --add-port=<port_number>/tcp
For example, port 53:
$ sudo firewall-cmd --zone=public --add-port=53/udp
$ sudo firewall-cmd --zone=public --add-port=53/tcp
To list open ports in firewalld $ sudo firewall-cmd --list-ports
To display help options $ firewall-cmd --help
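To close or remove a port (with --permanent, so that the reload does not restore it from the permanent configuration)
$ sudo firewall-cmd --permanent --remove-port=5432/tcp
$ sudo firewall-cmd --reload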
To list all rules $ sudo firewall-cmd --list-all
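To allow access to port 5432 only from IP 192.168.122.200 (port 5432 must not also be open zone-wide through --add-port or a service, and the permanent rule takes effect after a reload)
$ sudo firewall-cmd --permanent --zone=public --add-rich-rule 'rule family="ipv4" source address="192.168.122.200" port port=5432 protocol=tcp accept'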
regards, T.Dhanasekar
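
Added example (not part of the original notes): a rich rule that accepts port 5432 from one address restricts nothing if the same port is also open to every source in the zone. The function below compares the output of --list-ports and --list-rich-rules for one zone and reports such ports; the function name and the sample strings are constructed for illustration.

```sh
#!/bin/sh
# $1: output of `firewall-cmd --zone=Z --list-ports` (space-separated)
# $2: output of `firewall-cmd --zone=Z --list-rich-rules` (one rule per line)
# Prints "port/proto" for each source-restricted accept rule whose port is
# also open zone-wide. Ports opened through a service are not checked here.
bypassed_restrictions() {
    ports=$1
    printf '%s\n' "$2" | while IFS= read -r rule; do
        # Only accept rules with a source address are restrictions.
        case $rule in
            *'source address='*accept*) ;;
            *) continue ;;
        esac
        # Extract N/proto from: port port="N" protocol="proto"
        # (quotes optional, as in the rule typed on the command line).
        spec=$(printf '%s\n' "$rule" | sed -n \
            's|.*port port="\{0,1\}\([0-9][0-9]*\)"\{0,1\} protocol="\{0,1\}\([a-z]*\)"\{0,1\}.*|\1/\2|p')
        [ -n "$spec" ] || continue
        num=${spec%/*}
        proto=${spec#*/}
        for open in $ports; do
            [ "${open#*/}" = "$proto" ] || continue
            range=${open%/*}
            lo=${range%-*}   # "5000-6000" -> 5000, "5432" -> 5432
            hi=${range#*-}   # "5000-6000" -> 6000, "5432" -> 5432
            if [ "$num" -ge "$lo" ] && [ "$num" -le "$hi" ]; then
                printf '%s\n' "$spec"
                break
            fi
        done
    done
}

# Constructed sample input: 5432/tcp is open zone-wide and also "restricted".
sample_ports='53/udp 53/tcp 5432/tcp'
sample_rules='rule family="ipv4" source address="192.168.122.200" port port="5432" protocol="tcp" accept'
bypassed_restrictions "$sample_ports" "$sample_rules"
```

On a live host, pass "$(sudo firewall-cmd --zone=public --list-ports)" and "$(sudo firewall-cmd --zone=public --list-rich-rules)" as the two arguments; any output means the port should be removed from the zone-wide list.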