Firewalld
Reference
https://firewalld.org/documentation/man-pages/firewall-cmd.html
Zones
firewall-cmd --get-zones # list zones
firewall-cmd --list-all --zone=external # show a zone settings
firewall-cmd --list-all-zones # show all zones settings
firewall-cmd --permanent --zone=trusted --add-interface=ens192 # add interface to zone
firewall-cmd --permanent --zone=external --remove-interface=ens224 # remove interface from zone
Services
firewall-cmd --permanent --zone=internal --add-service=dhcp
firewall-cmd --permanent --zone=internal --remove-service=dns
Ports
firewall-cmd --permanent --zone=internal --add-port=2379/tcp
firewall-cmd --permanent --zone=internal --remove-port=2380/tcp
Forwarding
firewall-cmd --permanent --zone=external --add-forward-port=port=10122:proto=tcp:toaddr=10.10.1.1:toport=22
Chaining
firewall-cmd --permanent --zone=internal --direct --add-rule ipv4 filter FORWARD 0 -i ens192 -o ens224 -j ACCEPT
firewall-cmd --permanent --zone=external --direct --add-rule ipv4 filter FORWARD 0 -i ens224 -o ens192 -j ACCEPT
Reload
firewall-cmd --reload
firewall-cmd --complete-reload