From 49b25ecf13276bf229f353596ed6eb3baabf0d13 Mon Sep 17 00:00:00 2001 From: Aminda Suomalainen Date: Sat, 9 Sep 2023 10:50:06 +0300 Subject: [PATCH] n/firewalld: initial commit Resolves: #276 --- n/firewalld.md | 55 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 55 insertions(+) create mode 100644 n/firewalld.md diff --git a/n/firewalld.md b/n/firewalld.md new file mode 100644 index 0000000..dff836c --- /dev/null +++ b/n/firewalld.md @@ -0,0 +1,55 @@ +--- +layout: null +permalink: /n/firewalld.html +redirect_from: + - /n/firewall-cmd.html +sitemap: false +--- + +# Quick note on firewalld usage + +This is practically [/ufw](/ufw), but fore Firewalld which Fedora comes with. +The blog post also predates me having a /n directory here. + +**_After done, run `sudo firewall-cmd --reload`_** + + + + + + + +- [Zones](#zones) +- [Services](#services) +- [Ports](#ports) + + + + + + +## Zones + +firewalld zones are privilege of NetworkManager users, this tends to be +a systemd-networkd household. Then again I don't believe in absolutely trusted +zones. + +Zone would be specified by `--zone=home` in the commands. The other zone I +could imagine using is `public`. + +## Services + +```bash +sudo firewall-cmd --add-service=mosh --permanent +``` + +## Ports + +```bash +# TODO: Don't do this, this is a ppor example. +# firewalld surely recognises 631 as a service of some name, +# and as noted before, --zone won't work on my systems. +sudo firewall-cmd --zone=home --permanent --add-port=631/tcp +``` + +- 631/tcp is used by cups.
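Review bot: The Ports example at the end of n/firewalld.md contradicts its own comment and should not ship in a copy-paste note as is. It runs `sudo firewall-cmd --zone=home --permanent --add-port=631/tcp`, while the comment above it says `--zone` won't work on these systems and that 631 is surely a named service. Resolve the TODO before merging: look up the service name with `firewall-cmd --get-services`, then use the same `--add-service=... --permanent` form as the Services section, without `--zone`. Opening a raw port also leaves no record in the rule of why it is open, whereas a service name does. It would help to state in the Zones section that commands without `--zone` apply to the default zone, since that is what the mosh example relies on. Two typos in the added text: "fore Firewalld" should be "for Firewalld", and "ppor example" should be "poor example".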