https://fedoraproject.org/wiki/FirewallD
http://oracle-base.com/articles/linux/linux-firewall-firewalld.php
http://www.certdepot.net/rhel7-get-started-firewalld/
FirewallD is the default firewall implementation on CentOS 7.
firewall-cmd --help
firewall-cmd --state firewall-cmd --reload firewall-cmd --complete-reload firewall-cmd --get-zones firewall-cmd --get-default-zone firewall-cmd --get-services firewall-cmd --get-services firewall-cmd --get-icmptypes firewall-cmd --list-all-zones firewall-cmd --zone=public --list-all firewall-cmd --zone=public --add-interface=eth0 # activate the (Public) firewall on ''eth0''
Allow HTTP and HTTPS to a web server:
firewall-cmd --permanent --zone=public --add-service=http --add-service=https firewall-cmd --reload
You may need to install some tools on minimal installs:
yum -y install policycoreutils-python net-tools
Change the port in the SSH daemon configuration:
vim /etc/ssh/sshd_config
Fix selinux RBAC:
semanage port -a -t ssh_port_t -p tcp 2222
Modify the firewall:
firewall-cmd --permanent --zone=public --add-port=2222/tcp firewall-cmd --reload
Restart the SSH service:
systemctl restart sshd.service netstat -tapn