LIST ALL ZONES:
  [root@ system]# firewall-cmd --get-zones
  block dmz drop external home internal public trusted work

  each zone has an *.xmo file in /etc/firewalld/zones

QUERY DEFAULT ZONE:
  [root@ system]# firewall-cmd --get-default-zone
  public

GET ACTIVE ZONES:
  [root@ system]# firewall-cmd --get-active-zones
  [root@ system]#
  
MOVE AN EXSITING ZONE TO A DIFFERENT INTERFACE:
  [root@ system]# firewall-cmd --zone=internal --change-interface=eth0

LIST AVAILABLE PREDEFINED SERVICES:
  [root@ system]# firewall-cmd --get-services
  RH-Satellite-6 amanda-client bacula bacula-client dhcp dhcpv6 dhcpv6-client dns ftp high-availability http https imaps ipp ipp-client ipsec kerberos kpasswd ldap ldaps libvirt libvirt-tls mdns mountd ms-wbt mysql nfs ntp openvpn   pmcd pmproxy pmwebapi pmwebapis pop3s postgresql proxy-dhcp radius rpc-bind samba samba-client smtp ssh telnet tftp tftp-client transmission-client vnc-server wbem-https


STANDARD PORTS NEEDED:
  [root@ system]# firewall-cmd --zone=public --add-service=ssh --permanent
  success
  [root@ system]# firewall-cmd --zone=public --add-service=http --permanent
  success
  [root@ system]# firewall-cmd --zone=public --add-service=https --permanent
  success
  [root@ system]# firewall-cmd --zone=public --add-service=https --permanent
  success

TEAMPEAK STUFF / Custom Ports and Protocols:
  [root@ system]# firewalld-cmd --permanent --zone=public --add-port=9987/udp
  success
  [root@ system]# firewalld-cmd --permanent --zone=public --add-port=30033/tcp
  success
  [root@ system]# firewalld-cmd --permanent --zone=public --add-port=10011/tcp 
  success

RELOAD THE RULES:
  [root@ system]# firewall-cmd --reload
  [root@ system]# success