Mastering Linux Security and Hardening

Verifying the status of firewalld

Let's start by verifying the status of firewalld. There are two ways to do this. For the first way, we can use the --state option of firewall-cmd:

[donnie@localhost ~]$ sudo firewall-cmd --state
running
[donnie@localhost ~]$

Alternatively, if we want a more detailed status, we can just check the daemon, the same as we would any other daemon on a systemd machine:

[donnie@localhost ~]$ sudo systemctl status firewalld
firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: active (running) since Fri 2017-10-13 13:42:54 EDT; 1h 56min ago
Docs: man:firewalld(1)
Main PID: 631 (firewalld)
CGroup: /system.slice/firewalld.service
└─631 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid
. . .
Oct 13 15:19:41 localhost.localdomain firewalld[631]: WARNING: reject-route: INVALID_ICMPTYPE: No supported ICMP type., ignoring for run-time.
[donnie@localhost ~]$
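
For an audit script, the two checks above can be folded into a single verdict. The following is an added example, not code from the book: the names fw_verdict, count_warnings, fw_audit and the --live switch are hypothetical, and it also calls systemctl is-active and systemctl is-enabled so that a firewall that is running now but not enabled at boot gets flagged.

```shell
#!/bin/sh
# Added example, not from the book. Function names are hypothetical.

# fw_verdict STATE ACTIVE ENABLED
#   STATE   = output of `firewall-cmd --state`           (running / not running)
#   ACTIVE  = output of `systemctl is-active firewalld`  (active / inactive / failed)
#   ENABLED = output of `systemctl is-enabled firewalld` (enabled / disabled / masked)
# Prints a verdict; returns 0 only if the firewall is up and will survive a reboot.
fw_verdict() {
    if [ "$1" != "running" ] || [ "$2" != "active" ]; then
        echo "DOWN"; return 2
    fi
    if [ "$3" != "enabled" ]; then
        echo "NOT_PERSISTENT"; return 1
    fi
    echo "OK"; return 0
}

# count_warnings: reads journal text on stdin and prints the number of
# WARNING/ERROR lines logged by firewalld.
count_warnings() {
    grep -Ec 'firewalld\[[0-9]+\]: (WARNING|ERROR):' || true
}

# Constructed sample: the warning from the status output above plus one benign line.
SAMPLE_LOG='Oct 13 13:42:54 localhost.localdomain systemd[1]: Started firewalld - dynamic firewall daemon.
Oct 13 15:19:41 localhost.localdomain firewalld[631]: WARNING: reject-route: INVALID_ICMPTYPE: No supported ICMP type., ignoring for run-time.'

# fw_audit: collect the live values (run as root) and print one summary line.
fw_audit() {
    state=$(firewall-cmd --state 2>&1)
    active=$(systemctl is-active firewalld 2>/dev/null)
    enabled=$(systemctl is-enabled firewalld 2>/dev/null)
    warns=$(journalctl -u firewalld -b --no-pager 2>/dev/null | count_warnings)
    rc=0
    verdict=$(fw_verdict "$state" "$active" "$enabled") || rc=$?
    echo "firewalld: $verdict state=$state active=$active enabled=$enabled warnings=$warns"
    return "$rc"
}

# Query the live system only when asked; otherwise just define the functions.
if [ "${1:-}" = "--live" ]; then fw_audit; fi
```

Run as root with --live, the script exits 0 for OK, 1 for NOT_PERSISTENT and 2 for DOWN, which makes it usable from cron or a monitoring check.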

Next, let's have a look at firewalld zones.