firewall の編集

#範囲指定
 firewall-cmd --zone=home --add-source=192.168.10.0/24 --permanent
 firewall-cmd --zone=internal --add-source=153.231.230.72/29 --permanent

#削除
 firewall-cmd --remove-service=smtp-submission --permanent
 firewall-cmd --remove-service=smtp-submission --zone=home --permanent
 firewall-cmd --remove-service=smtp-submission --zone=internal --permanent

firewall-cmd --remove-port=587/tcp --permanent
 firewall-cmd --remove-port=587/tcp --zone=home --permanent
 firewall-cmd --remove-port=587/tcp --zone=internal --permanent

#確認
 firewall-cmd --list-service
 firewall-cmd --list-service --zone=home
 firewall-cmd --list-service --zone=internal

#確認2
 firewall-cmd --list-ports
 firewall-cmd --list-ports --zone=home
 firewall-cmd --list-ports --zone=internal

firewall-cmd --list-all
 firewall-cmd --list-all --zone=home
 firewall-cmd --list-all --zone=internal

firewall-cmd --list-forward-port
 firewall-cmd --list-forward-port --zone=home
 firewall-cmd --list-forward-port --zone=internal

#追加固定
 firewall-cmd --add-service=smtp-submission --permanent
 firewall-cmd --add-service=smtp-submission --zone=home --permanent
 firewall-cmd --add-service=smtp-submission --zone=internal --permanent

firewall-cmd --add-port=587/tcp --permanent
 firewall-cmd --add-port=587/tcp --zone=home --permanent
 firewall-cmd --add-port=587/tcp --zone=internal --permanent

#再読み込み
 firewall-cmd --reload

#587の転送も追加すること！
 firewall-cmd --add-forward-port=port=587:proto=tcp:toport=25 --permanent
 firewall-cmd --add-forward-port=port=587:proto=tcp:toport=25 --zone=home --permanent
 firewall-cmd --add-forward-port=port=587:proto=tcp:toport=25 --zone=internal --permanent

dhcpv6-client dns ftp http https imap imaps mysql ntp pop3 pop3s smtp smtp-submission smtps
 cockpit dhcpv6-client dns ftp http https imap imaps mdns mysql pop3 pop3s samba-client smtp smtp-submission smtps ssh
 cockpit dhcpv6-client dns ftp http https imap imaps mdns mysql pop3 pop3s samba-client smtp smtp-submission smtps ssh

タイムスタンプを変更しない