Firewall-cmd cheat sheet

As I find myself infrequently changing firewall rules, I often have to look up the syntax again, and these tips cover 90% of what I want to do.

Get zone details; here is a quick reminder on how to find the default zone, find the active zone and finally list all the current rules.

firewall-cmd --get-default-zone
firewall-cmd --get-active-zones
firewall-cmd --list-all

Adding rules for https traffic

firewall-cmd --get-default-zone
firewall-cmd --zone=public --permanent --add-service=https
firewall-cmd --reload
firewall-cmd --zone=public --list-all

Adding rules for port 53 tcp

firewall-cmd --get-default-zone
firewall-cmd --zone=public --permanent --add-port=53/tcp
firewall-cmd --reload
firewall-cmd --zone=public --list-all
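
Checking for drift before a reload: a rule added with --permanent is not live until --reload, and --reload drops anything that was added to the runtime configuration only. The script below is an added example, not part of the original cheat sheet; it compares the services and ports lines of the two --list-all outputs. The function names and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example: report services/ports that differ between the runtime and
# permanent firewalld configuration of one zone.

# Read `firewall-cmd --list-all` text on stdin and print the values of one
# field ("services" or "ports"), one per line. The pattern allows only
# whitespace before the field name, so "forward-ports:" and "source-ports:"
# are not mistaken for "ports:".
zone_field() {
    sed -n "s/^[[:space:]]*$1:[[:space:]]*//p" | tr -s ' ' '\n' | sed '/^$/d' | sort -u
}

# drift RUNTIME_TEXT PERMANENT_TEXT
# runtime-only   = would be lost on the next --reload
# permanent-only = not live until the next --reload
drift() {
    for field in services ports; do
        rt=$(printf '%s\n' "$1" | zone_field "$field")
        pm=$(printf '%s\n' "$2" | zone_field "$field")
        for v in $rt; do
            printf '%s\n' "$pm" | grep -qxF -- "$v" || echo "runtime-only $field $v"
        done
        for v in $pm; do
            printf '%s\n' "$rt" | grep -qxF -- "$v" || echo "permanent-only $field $v"
        done
    done
}

# Constructed sample output (not captured from a real host).
SAMPLE_RUNTIME='public (active)
  target: default
  services: dhcpv6-client ssh
  ports: 53/tcp 8080/tcp
  forward-ports: 
  source-ports: '
SAMPLE_PERMANENT='public
  target: default
  services: dhcpv6-client https ssh
  ports: 53/tcp
  forward-ports: 
  source-ports: '

drift "$SAMPLE_RUNTIME" "$SAMPLE_PERMANENT"

# On a real host:
# drift "$(firewall-cmd --zone=public --list-all)" \
#       "$(firewall-cmd --zone=public --permanent --list-all)"
```

No output means the runtime and permanent services and ports match for that zone.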