# firewall-cmd(1) Command line interface to the [firewalld(1)][man-firewalld] daemon. ## List current status of the firewall ```sh # List all services and ports for all zones. firewall-cmd --list-all # List all services. firewall-cmd --list-services # List all ports. firewall-cmd --list-ports ``` > Add `--zone ` to limit output to a given `ZONE`. Use `--get-zones` to > see all available zones. ## Add entries ```sh # Add a service to the firewall, use `--get-services` to list all available # service names. firewall-cmd --add-service # Add a specific port. firewall-cmd --add-port 8000/tcp # Add a rich rule (eg port forwarding, dnat). firewall-cmd --add-rich-rule 'rule family="ipv4" forward-port port="80" protocol="tcp" to-port="8080"' ``` ## Remove entries ```sh # Remove service. firewall-cmd --remove-service # Remove port. firewall-cmd --remove-port 8000/tcp # Remove rich rule. firewall-cmd --remove-rich-rule 'rule family="ipv4" forward-port port="80" protocol="tcp" to-port="8080"' ``` ## References - man [firewall-cmd(1)][man-firewall-cmd] - man [firewalld(1)][man-firewalld] [man-firewalld]: https://firewalld.org/documentation/man-pages/firewalld.html [man-firewall-cmd]: https://firewalld.org/documentation/man-pages/firewall-cmd.html