install, enable and start firewalld
# dnf install firewalld
# systemctl enable firewalld
# systemctl start firewalld
check whether firewalld is running
# firewall-cmd --state
running
list network connections and their devices
# nmcli con show
NAME UUID TYPE DEVICE
production 5e3bbe09-1594-4b60-aa69-47e0bec3c2d9 ethernet eth0
backup 9c92fad9-6ecb-3e6c-eb4d-8a47c6f50c04 ethernet eth1
get active zones
# firewall-cmd --get-active-zones
public
interfaces: eth0 eth1
work
interfaces:
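change interface to another zone (--zone takes a firewalld zone name, not an nmcli connection name, and the zone must already exist; verify the result with firewall-cmd --get-active-zones)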
# firewall-cmd --zone=work --change-interface=eth0 --permanent
# firewall-cmd --zone=backup --change-interface=eth1 --permanent
list all settings of the default zone (add --zone=NAME to inspect a specific zone)
# firewall-cmd --list-all
your-own-zone (active)
target: default
icmp-block-inversion: no
interfaces: bond0 bond0.007
sources:
services: dhcpv6-client ssh
ports: 1521/tcp 3181-3186/tcp 5128/tcp 22521/tcp 23521/tcp 24521/tcp 25521/tcp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
show the current default zone
# firewall-cmd --get-default-zone
public
list all zones
# firewall-cmd --list-all-zones
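set the default zone (here: work); this applies immediately and persistently, and every interface without an explicit zone binding falls into the default zone, so review its open services and ports first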
# firewall-cmd --set-default-zone=work
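add your own services, ports and rich rules, then reload. --add-port opens the port to every source in the zone, while the rich rule accepts the port range only from the given source subnet. --permanent changes are not active until --reload.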
# firewall-cmd --permanent --zone=work --add-service=ssh
# firewall-cmd --permanent --zone=work --add-port=1521/tcp
# firewall-cmd --zone=privatebackup --permanent --add-rich-rule='rule family="ipv4" source address=192.168.48.0/24 port port="12800-12801" protocol=tcp accept'
# firewall-cmd --reload
More information: https://www.golinuxcloud.com/firewalld-cheat-sheet/