diff --git a/pages/linux/firewall-cmd.md b/pages/linux/firewall-cmd.md index beee7996cd..3809533d0d 100644 --- a/pages/linux/firewall-cmd.md +++ b/pages/linux/firewall-cmd.md @@ -10,6 +10,10 @@ `firewall-cmd --list-all` +- Permanently move the interface into the block zone, effectively blocking all communication: + +`firewall-cmd --permanent --zone={{block}} --change-interface={{enp1s0}}` + - Permanently open the port for a service in the specified zone (like port `443` when in the `public` zone): `firewall-cmd --permanent --zone={{public}} --add-service={{https}}` @@ -18,6 +22,10 @@ `firewall-cmd --permanent --zone={{public}} --remove-service={{http}}` +- Permanently open two arbitrary ports in the specified zone: + +`firewall-cmd --permanent --zone={{public}} --add-port={{25565/tcp}} --add-port={{19132/udp}}` + - Reload firewalld to force rule changes to take effect: `firewall-cmd --reload`
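Review bot: In the first hunk (`@@ -10,6 +10,10 @@`), the description "effectively blocking all communication" overstates what the `block` zone does: firewalld's block zone rejects incoming connections, while connections initiated from the host itself still work. Suggest "rejecting all incoming connections" instead. The description also names one fixed zone while the command presents it as the editable placeholder `{{block}}`; either say "the specified zone" or keep the wording and make clear that `block` is only the example value. It is worth a short mention that applying this to the interface used for remote administration will reject new incoming management connections as well.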
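Review bot: In the second hunk (`@@ -18,6 +22,10 @@`), the description says "two arbitrary ports" but does not mention that each `--add-port` value must be a port/protocol pair, which is the detail the example actually depends on (`25565/tcp`, `19132/udp`). Suggest wording such as "Permanently open one or more ports (given as port/protocol) in the specified zone". Because the command uses `--permanent`, the description could also point at the `firewall-cmd --reload` example that follows, so readers do not assume the ports are open as soon as the command returns.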