记住一些简单的就行.
firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --zone=public --remove-port=53/udp --permanent
firewall-cmd --permanent --zone=public --add-port=3000-5000/tcp 端口范围
开放TCP 80, permanent是永久开放.
完了reload一下.
firewall-cmd --reload
firewall-cmd --list-all

yum install firewalld firewall-config

systemctl start firewalld # 启动
systemctl status firewalld # 或者 firewall-cmd --state 查看状态
systemctl disable firewalld # 停止
systemctl stop firewalld # 禁用

启用服务的时候
systemctl start firewalld
有时候会提示"Failed to start firewalld.service: Unit is masked."

systemctl unmask firewalld
然后再重新启动一次服务

更详细的看:
https://wangchujiang.com/linux-command/c/firewall-cmd.html

port=3306 && after="2019-01-01" && type="service" && base_protocol="tcp" && protocol==mysql && country=JP &&org="KDDI CORPORATION"