# Firewalld

## Cheatsheet

 * Ouvrir un port :
```
firewall-cmd --permanent --add-port=22/tcp
systemctl reload firewalld
```
* Lister les ports ouverts : `sudo firewall-cmd --list-all`
* Ajouter des rich rules : `firewall-cmd --permanent --add-rich-rule='rule family="ipv6" source address="2001:db8:cafe:bc68::1" port port="9100" protocol="tcp" accept'`
* Forwarder un port :
  * `firewall-cmd --permanent --add-forward-port=port=3724:proto=tcp:toport=:toaddr=10.114.0.12`

### Liens utiles

* [https://www.rootusers.com/how-to-use-firewalld-rich-rules-and-zones-for-filtering-and-nat/](https://www.rootusers.com/how-to-use-firewalld-rich-rules-and-zones-for-filtering-and-nat/)