[Linux 常見問題] Open firewall port on CentOS 7

Source From Here 
Question 
I am using CentOS 7 and I have to ensure that ports 2888 and 3888 are open. I read this article but this did not work because on CentOS 7 OS there is no iptables save command. Someone told me that the above URL is not valid for CentOS 7. and I should follow this. But this article is not clear to me on exactly what command I need to execute. 

I also found: 

# firewall-cmd --zone=public --add-port=2888/tcp

but this does not survive reboots. 

So how can I open the ports and make it survive reboots? 

How-To 
Use this command to find your active zone(s): 

# firewall-cmd --get-active-zones
public
interfaces: eno1

It will say either public, dmz, or something else. You should only apply to the zones required. In the case of public try: 

// --permanent:
// The permanent option --permanent can be used to set options permanently. These changes are not effective immediately, only
// after service restart/reload or system reboot. Without the --permanent option, a change will only be part of the runtime
// configuration.
# firewall-cmd --zone=public --add-port=2888/tcp --permanent

Then remember to reload the firewall for changes to take effect. 

# firewall-cmd --reload

Finally, show the current firewalld status: 

# firewall-cmd --zone=public --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: eno1
sources:
services: ssh dhcpv6-client http https
ports: 8088/tcp 80/tcp 2888/tcp

Supplement 
* CentOS Linux 7 以 firewalld 指令設定防火牆規則教學