=====Manage Network Security=====

you interface with the firewall using the **firewall-cmd** it makes changes to the file /etc/firewalld/zones/public.xml

here are some options

^  command option   ^  what it does  ^
|  <nowiki>--get-default-zone</nowiki>  | List the default zone  |
|  <nowiki>--list-all</nowiki>  |  list all settings of the zone specified, if none is specified (needs the <nowiki>--zone</nowiki> ) it gives settings option for default |
|  <nowiki>--add-service</nowiki>  | enables the ports used by the service through the firewall (need <nowiki> --permanent</nowiki>) example <code> --add-service nfs --permanent </code> |
|  <nowiki>--info-service</nowiki>  | get details of what the service for example <code> --info-service https</code> |
|  <nowiki>--reload</nowiki>  | reloads firewall  |
|  <nowiki>--runtime-to-permanent</nowiki>  | converts runtime configuration to a permanent config |
|  <nowiki>--remove-service</nowiki>  | removes ports enabled by the service mentioned example <code>  --remove-service http</code>|
|  <nowiki>--add-port port/(tcp or udp)</nowiki>  | to specify a port example <code>--add-port 1234/tcp</code>  |
|  <nowiki>--get-services</nowiki>  | list all predefined services  |