$ firewall-cmd --zone=trusted --add-port=80/tcp$ iptables -L -n | grep 80ACCE

1. $ firewall-cmd --zone=trusted --add-port=80/tcp
2.  
3. $ iptables -L -n | grep 80
4. ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 ctstate NEW
5.  
6. $ firewall-cmd --zone=trusted --remove-port 80/tcp
7. success
8. $ firewall-cmd --zone=trusted --remove-port 80/tcp
9. Warning: NOT_ENABLED: '80:tcp' not in 'trusted'
10. success
11.  
12. firewall-cmd --zone=trusted --add-rich-rule='rule family="ipv4" port port="80" protocol="tcp" reject'
13.  
14. firewall-cmd --zone=trusted --add-rich-rule='rule family="ipv4" source NOT address="192.168.122.1" port port="80" protocol="tcp" reject'firewall-cmd --zone=trusted --add-rich-rule='rule family="ipv4" source NOT address="192.168.122.1" port port="80" protocol="tcp" reject'
15.  
16. firewall-cmd --zone=trusted --add-rich-rule='rule family="ipv4" source NOT address="192.168.122.1" port port="80" protocol="tcp" reject'firewall-cmd --zone=trusted --add-rich-rule='rule family="ipv4" source NOT address="192.168.122.0/24" port port="80" protocol="tcp" reject'