When we think of firewalls, we think of allowing or denial of access to ports. The use of service XML files can ease the port management with one service, perhaps listing multiple ports. The other point to take note of is that
firewalld daemon's default policy is to deny access, so any access needed has to be explicitly granted to a port associated with a service. To list services that have been allowed on the default zone, we can simply use the
--list-services option, as shown in the following example:
# firewall-cmd --list-services
Similarly, we can gain access to services allowed in a specific zone by including the
--zone= option. This can be seen in the following example:
# firewall-cmd --zone=home --list-services ...