#999 Clarify support and stipulations for use of firewall in documentation (#1292)

* 999 Clarify support and stipulations for use of firewall in documentation

added scarier warning about firewalld usage

* revised language slightly

* Update docs/how-to-guides/advanced-user-guides/open-ports-with-firewalld.md

Co-authored-by: Sunil Singh <sunil.singh@suse.com>

* versioning, updated link, & abbreviated warning for v2.0-2.4

---------

Co-authored-by: Sunil Singh <sunil.singh@suse.com>
This commit is contained in:
Marty Hernandez Avedon
2024-05-21 11:42:33 -04:00
committed by GitHub
parent c9e7c6bced
commit d4796a1ae8
6 changed files with 62 additions and 6 deletions
@@ -2,7 +2,17 @@
title: Opening Ports with firewalld
---
> We recommend disabling firewalld. For Kubernetes 1.19.x and higher, firewalld must be turned off.
:::danger
Enabling firewalld can cause serious network communication problems.
For proper network function, firewalld must be disabled on systems running RKE2. [Firewalld conflicts with Canal](https://docs.rke2.io/known_issues#firewalld-conflicts-with-default-networking), RKE2's default networking stack.
Firewalld must also be disabled on systems running Kubernetes 1.19 and later.
If you enable firewalld on systems running Kubernetes 1.18 or earlier, understand that this may cause networking issues. CNIs in Kubernetes dynamically update iptables and networking rules independently of any external firewalls, such as firewalld. This can cause unexpected behavior when the CNI and the external firewall conflict.
:::
Some distributions of Linux [derived from RHEL,](https://en.wikipedia.org/wiki/Red_Hat_Enterprise_Linux#Rebuilds) including Oracle Linux, may have default firewall rules that block communication with Helm.
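Review bot: The new `:::danger` block tells readers that firewalld "must be disabled" on RKE2 and on Kubernetes 1.19 and later, but it does not say what should restrict access to node ports once the host firewall is off. Consider adding a sentence that points to the port requirements and recommends enforcing them at the network layer (security groups or an upstream firewall), so that disabling firewalld does not leave nodes unfiltered. The page title is still "Opening Ports with firewalld" and the text after the block continues with firewall rules, so the block should also state that the remaining instructions apply only to Kubernetes 1.18 or earlier. In that last paragraph, "understand that this may cause networking issues" is vague next to the firm statements above it; the following sentence about CNIs updating iptables independently already gives the reason, so the two could be merged into one direct statement. Minor: the block mixes "firewalld" and "Firewalld" at the start of sentences; pick one form.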