Firewalld: don't hardcode port numbers, make a custom service
When you have custom service you can add its ports to firewalld with
firewall-cmd --permanent --add-port=5000 (Not so nice)
But what about went you list the open ports in a year you'll get a meaningless bunch of numbers
So I prefer to create a service for all my custom ports. Lets say I want to run secure shell (ssh)
on custom port 2222
cp /lib/firewalld/services/ssh.xml /etc/firewalld/services/myssh.xml
This copies the stock ssh service definition to a place where you can customize it.
Change the port in /etc/firewalld/services/myssh.xml with your favourite text editor (its a simple xml file)
Then add it as a service:
firewall-cmd --permanent --add-service=myssh (Nice)
Of course the spelling of the name much be exact.
Now, when you see what services you have you'll see it.