# Test Page

### Set Zones:

```bash
sudo firewall-cmd --zone=external --change-interface=eth0 --permanent
sudo firewall-cmd --zone=internal --change-interface=eth1 --permanent
```

### Set up Masquerading:

```bash
sudo firewall-cmd --zone=external --add-masquerade --permanent
```

### Allow ICMP External:

```bash
sudo firewall-cmd --zone=external --remove-icmp-block=echo-reply --permanent
sudo firewall-cmd --zone=external --remove-icmp-block=echo-request --permanent
```

### To Allow Internal Traffic:

Add

```bash
sudo firewall-cmd --zone=internal --add-service=http --permanent
# or
sudo firewall-cmd --zone=internal --add-port=80 --permanent
```

Remove

```bash
sudo firewall-cmd --zone=internal --remove-service=http --permanent
# or
sudo firewall-cmd --zone=internal --remove-port=80 --permanent
```

### Port forward from internal to external:

Add

```bash
firewall-cmd --zone=external --add-forward-port=port=80:proto=tcp:toaddr=192.168.2.2 --permanent
firewall-cmd --zone=external --add-forward-port=port=443:proto=tcp:toaddr=192.168.2.2 --permanent
```

Remove

```
firewall-cmd --zone=external --remove-forward-port=port=80:proto=tcp:toaddr=192.168.2.2 --permanent
firewall-cmd --zone=external --remove-forward-port=port=443:proto=tcp:toaddr=192.168.2.2 --permanent
```