Display current date & time

# timedatectl
Change curent time
# timedatectl set-time HH:MM:SS
Change the current date
# timedatectl set-time YYY-MM-DD
set time zone
# timedatectl list-timezones
#timedatectl set-timezone Europe/Prague
Installing Firewalld
# yum install firewalld firewall-config
# systemctl disable firewalld
# systemctl stop firewalld
To install iptables service
# yum install iptables-services
# systcmctl start iptables
# systemctl start ip6tables
# systemctl enable iptables
# systemctl enable ip6tables
To start firewalld
# systemctl start firewalld
To check whether it is running
# systemctl status firewalld
# firewall-cmd status
# firewall-cmd version
# firewall-cmd help
To view firewall settings
# firewall-cmd state

To view list of active zones

# firewall-cmd get-active-zones
to find out the zone that an interface for example em1
# firewall-cmd get-zone-of-interface=em1
To find out all the interface assigned to a zone
# firewall-cmd zone=public list-interfaces
em1 wlan0
# firewall-cmd zone=public list-all
# firewall-cmd get-services
To view list of services
# firewall-cmd get-services
if custom service is created but not loaded
# firewall-cmd permanent --get-services
Drop All Packets
# firewall-cmd panic-on
# firewall-cmd panic -off
to find out if panic mode is enabled or disabled
# firewall-cmd query-panic
# firewall-cmd --reload
# firewall-cmd completed-reload
To add interface to zone
# firewall-cmd zone=public add-interface=em1
to add an interface to a zone by editing the ifcfg-em1 or ifcfg-eth0
ZONE=work
Configure the Default zone by editing the firewalld configuration files

vim /etc/firewalld/firewalld.conf
DefaultZone=home
# firewalld-cmd reload
Set default zone
# firewall-cmd set-default-zone=public
to list all open port
# firewall-cmd zone=dmz list-ports
open ports
# firewall-cmd zone=dmz add-port=8080/tcp
to permanent
# firewall-cmd zone=dmz permanent add=port=5060-5061/udp
Add service to a zone
# firewall-cmd zone=work add-service=smtp
Remove service from a zone
#firewall-cmd zone=work remove-service=smtp
# firewall-cmd reload
add service to a zone by editing XML files
# ls /usr/lib/firewalld/zones
Configure ip address masquerading
# firewall-cmd zone=external query-masquerade
to enable ip masquerading
# firewall-cmd zone=external add-masquerade
to remove
# firewall-cmd zone=external remove-masquerade

port forward
# firewall-cmd zone=external add-forward-port=port=22:proto=tcp:toport=3753
to forward packets to another ipv4 address
# firewall-cmd zone=external add-forward-port=port=22:proto:tcp:toaddr=192.168.0.2
To forward to address and to port
# firewall-cmd zone=external add-forward-port=port=22:proto=tcp:toport=2055:toaddr=192.168.0.5

# firewall-cmd get-zones
# firewall-cmd get-default-zone
# firewall-cmd list-all-zones
# firewall-cmd set-default-zone=internal
# firewall-cmd get-default-zone
# firewall-cmd get-zone-of-interface=enp0s3
# firewall-cmd get-icmptypes
# firewall-cmd get-services
To get the list of all the default available services.
#cd /usr/lib/firewalld/services
# ls
To create your own service
service for RTMP port 1935
# cd /etc/firewalld/services
# cp /usr/lib/firewalld/services/ssh.xml /etc/firewalld/services/
# mv ssh.xml rtmp.xml
# vim rtmp.xml
<?xml version=1.0 encoding=utf-8?>
<service>
<short>rtmp</short>
<description> to allow RTMP Streaming</description>
<port protocol=tcp port=1935>
</service>
# firewall-cmd reload
# fiewall-cmd get-services
# firwall-cmd state
# firewall-cmd get-active-zone
# firewall-cmd get-service

# firewall-cmd add-service=rtmp
# firewall-cmd zone=public remove-service=rtmp
# firewall-cmd add-service=rtmp permanent
# firewall-cmd reload