====== Konfiguration von firewalld mit firewall-cmd ======

===== Blocken einzelner IP-Adressen oder Subnetze =====

<code>
firewall-cmd             --add-rich-rule="rule family='ipv4' source address='a.b.c.d' reject"
firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='a.b.c.d' reject"
</code>

<code>
firewall-cmd             --add-rich-rule="rule family='ipv4' source address='a.b.c.d/nm' reject"
firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='a.b.c.d/nm' reject"
</code>

<code>
firewall-cmd --list-rich-rules
</code>

===== Öffnen einzelner Ports =====

<code>
firewall-cmd             --zone=public --add-port=51820/udp
firewall-cmd --permanent --zone=public --add-port=51820/udp
</code>

===== Öffnen von Portbereichen =====

<code>
firewall-cmd             --zone=public --add-port=60000-60020/udp
firewall-cmd --permanent --zone=public --add-port=60000-60020/udp
</code>