Here is the long process into short manner: Switching from Firewalld to Iptables in CentOS 7
1. First make sure to backup your existing firealld rules, before making a switch to iptables:
$ sudo iptables -S | tee ~/firewalld_iptables_rules
$ sudo ip6tables -S | tee ~/firewalld_ip6tables_rules
2. Next install the iptables-services package from the default CentOS repository
$ sudo yum install iptables-services
The above iptable package will install systemd files that used to manage iptables service and also it will write some default iptables and ip6tables configuration files to the /etc/sysconfig directory.
3. Next disable firewalld service
$ sudo systemctl mask firewalld
$ systemctl stop firewalld
4. Now enable iptables service.
$ sudo systemctl enable iptables
$ systemctl enable ip6tables
$ systemctl start iptables
$ systemctl start ip6tables
5. Now install TCP wrapper called xinetd to manage hosts.allow and hosts.deny files to block and allow certain Ports..