How to manage firewall on Centos7 with firewall-cmd

Centos7 is a great server OS. There are bunch of other sites, which describe how to manage firewall rules, here I am just gathering those, that I often use, so I don’t have to google them again.

# show firewall state
firewall-cmd --state
# list all rules
firewall-cmd --list-all
# accept (allow everything) from the network range
firewall-cmd --zone=public --add-rich-rule='rule family="ipv4" source address="" accept'
# add specific service for public access
firewall-cmd --zone=public --add-service=http
firewall-cmd --zone=public --add-service=https
# save running configuration, so it is maintained after reboot
firewall-cmd --runtime-to-permanent