MAN page is here: https://firewalld.org/documentation/man-pages/firewall-cmd.html
Primary command is firewall-cmd
Default zone can be displayed with
firewall-cmd --get-default-zoneDefault zone can be changed with
firewall-cmd --set-default-zone=[zone]Active zones can be displayed with
firewall-cmd --get-active-zonesA list of all zones can be displayed with
firewall-cmd --get zonesA list of firewall rules can be displayed with
firewall-cmd --list-allA list of services to be used can be displayed with
firewall-cmd --get-servicesA service can be added to a specific zone with
firewall-cmd --zone=[zone] --add-service=[service]If --zone=[zone] is left out, the service will be added to the default zone
Verifying that the operation completed can be confirmed with
firewall-cmd --zone=[zone] --list-servicesTo add a remote host to a zone as an allowed source:
firewall-cmd --zone=[zone] --add-source=[source IP]Rules can be made permanent with the --permanent flag, or if the --permanent flag was not used, running
firewall-cmd --runtime-to-permanentNOTE: The --runtime-to-permanent command will overwrite the permanent configuration with the actively running configuration
FirewallD can be reloaded with
firewall-cmd --reload to reload and keep state information
firewall-cmd --complete-reload to reload the firewall completely