systemctl start firewalld
    systemctl restart firewalld.service
    firewall-cmd —zone=public —add-port=1556/tcp —permanent
    firewall-cmd —zone=public —add-port=13724/tcp —permanent
    firewall-cmd —zone=public —add-port=13782/tcp —permanent
    firewall-cmd —reload
    firewall-cmd —zone=public —list-ports

    1. [root@ntp-server-it-ap02 ~]# systemctl status firewalld.service 
    2.  firewalld.service - firewalld - dynamic firewall daemon
    3.    Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
    4.    Active: active (running) since Fri 2020-07-03 18:06:32 CST; 8s ago
    5.      Docs: man:firewalld(1)
    6.  Main PID: 14748 (firewalld)
    7.    CGroup: /system.slice/firewalld.service
    8.            └─14748 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid
    10. Jul 03 18:06:32 ntp-server-it-ap02 systemd[1]: Starting firewalld - dynamic firewall daemon...
    11. Jul 03 18:06:32 ntp-server-it-ap02 systemd[1]: Started firewalld - dynamic firewall daemon.
    12. Jul 03 18:06:33 ntp-server-it-ap02 firewalld[14748]: WARNING: ICMP type 'beyond-scope' is not supported by the kernel for ipv6.
    13. Jul 03 18:06:33 ntp-server-it-ap02 firewalld[14748]: WARNING: beyond-scope: INVALID_ICMPTYPE: No supported ICMP type., ignoring for run-time.
    14. Jul 03 18:06:33 ntp-server-it-ap02 firewalld[14748]: WARNING: ICMP type 'failed-policy' is not supported by the kernel for ipv6.
    15. Jul 03 18:06:33 ntp-server-it-ap02 firewalld[14748]: WARNING: failed-policy: INVALID_ICMPTYPE: No supported ICMP type., ignoring for run-time.
    16. Jul 03 18:06:33 ntp-server-it-ap02 firewalld[14748]: WARNING: ICMP type 'reject-route' is not supported by the kernel for ipv6.
    17. Jul 03 18:06:33 ntp-server-it-ap02 firewalld[14748]: WARNING: reject-route: INVALID_ICMPTYPE: No supported ICMP type., ignoring for run-time.
    18. [root@ntp-server-it-ap02 ~]# rpm -qa|grep firewalld;rpm -qa|grep firewall-config
    19. firewalld-filesystem-0.4.4.4-6.el7.noarch
    20. firewalld-0.4.4.4-6.el7.noarch
    21. firewall-config-0.4.4.4-6.el7.noarch
    22. [root@ntp-server-it-ap02 ~]# rpm -qi firewalld firewall-config 
    23. Name        : firewalld
    24. Version     : 0.4.4.4
    25. Release     : 6.el7
    26. Architecture: noarch
    27. Install Date: Thu 21 May 2020 09:10:13 AM CST
    28. Group       : Unspecified
    29. Size        : 1852322
    30. License     : GPLv2+
    31. Signature   : RSA/SHA256, Mon 12 Jun 2017 07:17:20 PM CST, Key ID 199e2f91fd431d51
    32. Source RPM  : firewalld-0.4.4.4-6.el7.src.rpm
    33. Build Date  : Mon 12 Jun 2017 07:12:33 PM CST
    34. Build Host  : x86-037.build.eng.bos.redhat.com
    35. Relocations : (not relocatable)
    36. Packager    : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
    37. Vendor      : Red Hat, Inc.
    38. URL         : http://www.firewalld.org
    39. Summary     : A firewall daemon with D-Bus interface providing a dynamic firewall
    40. Description :
    41. firewalld is a firewall service daemon that provides a dynamic customizable
    42. firewall with a D-Bus interface.
    43. Name        : firewall-config
    44. Version     : 0.4.4.4
    45. Release     : 6.el7
    46. Architecture: noarch
    47. Install Date: Thu 21 May 2020 09:11:44 AM CST
    48. Group       : Unspecified
    49. Size        : 1158110
    50. License     : GPLv2+
    51. Signature   : RSA/SHA256, Mon 12 Jun 2017 07:17:21 PM CST, Key ID 199e2f91fd431d51
    52. Source RPM  : firewalld-0.4.4.4-6.el7.src.rpm
    53. Build Date  : Mon 12 Jun 2017 07:12:33 PM CST
    54. Build Host  : x86-037.build.eng.bos.redhat.com
    55. Relocations : (not relocatable)
    56. Packager    : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
    57. Vendor      : Red Hat, Inc.
    58. URL         : http://www.firewalld.org
    59. Summary     : Firewall configuration application
    60. Description :
    61. The firewall configuration application provides an configuration interface for
    62. firewalld.
    63. [root@ntp-server-it-ap02 ~]# 
    65. [root@ntp-server-it-ap02 ~]# firewall-cmd --permanent --zone=public --add-port=323/udp
    66. Warning: ALREADY_ENABLED: 323:udp
    67. success
    68. [root@ntp-server-it-ap02 ~]# firewall-cmd --reload
    69. success
    70. [root@ntp-server-it-ap02 ~]# 
    71. [root@ntp-server-it-ap02 ~]# 
    72. [root@ntp-server-it-ap02 ~]# firewall-cmd --zone=public --list-ports
    73. 323/udp
    74. [root@ntp-server-it-ap02 ~]#
    1. [root@ntp-server-it-ap02 ~]# firewall-cmd --list-all --permanent
    2. public
    3.   target: default
    4.   icmp-block-inversion: no
    5.   interfaces: 
    6.   sources: 
    7.   services: ssh dhcpv6-client ntp
    8.   ports: 323/udp
    9.   protocols: 
    10.   masquerade: no
    11.   forward-ports: 
    12.   source-ports: 
    13.   icmp-blocks: 
    14.   rich rules: 
    16. [root@ntp-server-it-ap02 ~]#

    firewall-cmd —permanent —zone=public —remove-port=8530/tcp