firewalld – enable logging

firewalld by default does not allow packets that are dropped. In some cases, you need to find out if some packet is being dropped or not. For doing so you may want to enable logging of dropped packets with the following command:

sudo firewall-cmd  --set-log-denied=all

This will enable logging all the packets and help you figure out if firewalld is dropping the packet.