about:

CentOS7 uses firewalld which is a frontend for iptables.

firewalld ships by default on the following Linux distributions:[6]

firewalld is enabled by default in all the distributions that rely on it as their default firewall. firewalld is also available as one of many firewall options in the package repository of many other popular distributions such as Debian.[10](src)

grafical frontend / gui gnome2 / mate desktop:

 yum install firewall-applet

tested with:

hostnamectl 
  Operating System: CentOS Linux 7 (Core)
  Architecture: x86-64
  Kernel: Linux 3.10.0-693.17.1.el7.x86_64

firewall-cmd -V
0.4.4.4

yum list installed|grep firewall
firewalld.noarch                   0.4.4.4-6.el7                       @anaconda
firewalld-filesystem.noarch        0.4.4.4-6.el7                       @anaconda
python-firewall.noarch             0.4.4.4-6.el7                       @anaconda

lets get started:

firewall-cmd --get-active-zones
public
 interfaces: eth0

for example, if your zone is public and you want to open port 80:

firewall-cmd --zone=public --add-port=80/tcp --permanent

reload the firewall for changes to take effect:

firewall-cmd --reload

to check scan port from client:

nmap -v -p 0-65535 -sS 192.168.0.94
PORT   STATE SERVICE
22/tcp open  ssh
80/tcp open  http

Links:

https://dwaves.org/2017/07/27/centos7-iptables-firewall-replaced-by-firewalld/

project website: http://www.firewalld.org/

admin