firewalld

allow mysql access from 10.176.160.15

firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="10.176.160.15/32" port protocol="tcp" port="3306" accept'

allow ssh access from 174.47.123.241

firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="174.47.123.241/32" port protocol="tcp" port="22" accept'

from range 10.0.0.0/8 port forward port 22 to port 2222

firewall-cmd --permanent --add-rich-rule='rule family=ipv4 source address=10.0.0.0/8 forward-port port=22 protocol=tcp to-port=2222

allow ipv4 traffic from 192.168.0.14

firewall-cmd --permanent --add-rich-rule 'rule family="ipv4" source address=192.168.0.14 accept'