From c3eb93f17475521fdb45698f419e90270d294f18 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Zapletal?= Date: Tue, 3 Mar 2020 18:21:21 +0100 Subject: [PATCH] firewall-cmd: add zone change and arbitrary ports (#3815) --- pages/linux/firewall-cmd.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/pages/linux/firewall-cmd.md b/pages/linux/firewall-cmd.md index beee7996cd..3809533d0d 100644 --- a/pages/linux/firewall-cmd.md +++ b/pages/linux/firewall-cmd.md @@ -10,6 +10,10 @@ `firewall-cmd --list-all` +- Permanently move the interface into the block zone, effectively blocking all communication: + +`firewall-cmd --permanent --zone={{block}} --change-interface={{enp1s0}}` + - Permanently open the port for a service in the specified zone (like port `443` when in the `public` zone): `firewall-cmd --permanent --zone={{public}} --add-service={{https}}` @@ -18,6 +22,10 @@ `firewall-cmd --permanent --zone={{public}} --remove-service={{http}}` +- Permanently open two arbitrary ports in the specified zone: + +`firewall-cmd --permanent --zone={{public}} --add-port={{25565/tcp}} --add-port={{19132/udp}}` + - Reload firewalld to force rule changes to take effect: `firewall-cmd --reload`
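Review bot: In the first hunk, the description "effectively blocking all communication" overstates what the `block` zone does. firewalld's `block` zone rejects incoming connections (with an ICMP prohibited message), while connections initiated from the host itself still work. Suggest wording such as "Permanently move the interface into the block zone, rejecting all incoming connections". Because the command uses `--permanent`, the change only applies after the `firewall-cmd --reload` entry further down. It is worth keeping that in mind, since applying it to the interface that carries the admin's own SSH session will cut that session.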
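Review bot: In the second hunk, "two arbitrary ports" does not tell the reader that each `--add-port` value must be a `port/protocol` pair or that the option is repeated once per port, which is the actual point of the example. Suggest something like "Permanently open specific ports, given as port/protocol, in the specified zone". The sample values `25565/tcp` and `19132/udp` are ports a reader copying the line verbatim would expose on every interface in the `public` zone. As with the other `--permanent` entries, nothing changes until the existing `firewall-cmd --reload` example is run.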