FirewallD has replaced IPTables as the default firewall in CentOS 7. You can disable it and install iptables if you prefer.
First we want to stop firewalld, and disable the service at startup.
systemctl stop firewalld && systemctl mask firewalld
Now we want to install iptables, set it to start at boot, and start the service.
yum -y install iptables-services
systemctl enable iptables
# optional for ipv6 compatability
systemctl enable ip6tables
# Start IPTables
systemctl start iptables
#optional for ipv6 compatability
systemctl start ip6tables