firewall-cmd --add-rich-rule="rule family='ipv4' source address='a.b.c.d' reject" firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='a.b.c.d' reject"
firewall-cmd --add-rich-rule="rule family='ipv4' source address='a.b.c.d/nm' reject" firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='a.b.c.d/nm' reject"
firewall-cmd --list-rich-rules
firewall-cmd --zone=public --add-port=51820/udp firewall-cmd --permanent --zone=public --add-port=51820/udp
firewall-cmd --zone=public --add-port=60000-60020/udp firewall-cmd --permanent --zone=public --add-port=60000-60020/udp