List all open ports for a zone, for example dmz, by entering the following command as root:

~]# firewall-cmd --zone=dmz --list-ports

To add a port to a zone, for example to allow TCP traffic to port 8080 to the dmz zone, enter the following command as root:

~]# firewall-cmd --zone=dmz --add-port=8080/tcp

To make this setting permanent, add the --permanent option and reload the firewall.

To add a range of ports to a zone, for example to allow the ports from 5060 to 5061 to the public zone, enter the following command as root:

~]# firewall-cmd --zone=public --add-port=5060-5061/udp

To make this setting permanent, add the --permanent option and reload the firewall.