December 2018
Beginner
826 pages
22h 54m
English
To perform the same action in iptables, we must first ensure that firewalld doesn't interfere.
Start by disabling and stopping firewalld:
$ sudo systemctl disable --now firewalld
You should now have an empty iptables configuration, as can be seen with iptables -S:
$ sudo iptables -S
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
Because we've got an empty rule list, we're going to start by adding some basic rules.
First, we're going to block centos2 and anything else on our eth1 network from SSHing to centos1:
$ sudo iptables -A INPUT -i eth1 -p tcp -m tcp --dport 22 -j DROP
Next, we're going to allow only incoming SSH connections from 10.0.2.0/24 sources:
$ sudo iptables -A INPUT -s 10.0.2.0/24 -p tcp -m tcp --dport 22 -j ACCEPT ...
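Because iptables evaluates a chain top to bottom and the first matching rule wins, with the chain policy applied only when nothing matches, the order in which the two rules above are appended decides what happens to a given SSH packet. The following Python is an added example (not code from the book) that parses the recipe's rules in the form `iptables -S INPUT` prints them and evaluates constructed sample packets the same first-match way; the interface names and the `10.0.2.0/24` network come from the recipe, the packet source addresses are made up.

```python
import ipaddress
import shlex

# Constructed ruleset: the INPUT policy shown by `iptables -S` plus the two
# rules appended in the recipe, exactly as `iptables -S INPUT` would list them.
RULESET = """
-P INPUT ACCEPT
-A INPUT -i eth1 -p tcp -m tcp --dport 22 -j DROP
-A INPUT -s 10.0.2.0/24 -p tcp -m tcp --dport 22 -j ACCEPT
"""


def parse_ruleset(text):
    """Return (policy, rules) for the INPUT chain.

    Each rule is a dict of its match options (-i, -s, -p, --dport) and
    its target under '-j'. Other chains are ignored in this model.
    """
    policy, rules = None, []
    for line in text.strip().splitlines():
        argv = shlex.split(line)
        if argv[:2] == ["-P", "INPUT"]:
            policy = argv[2]
            continue
        if argv[:2] != ["-A", "INPUT"]:
            continue
        rule = {}
        for opt, val in zip(argv[2::2], argv[3::2]):
            if opt != "-m":          # '-m tcp' only loads the match; --dport follows
                rule[opt] = val
        rules.append(rule)
    return policy, rules


def matches(rule, pkt):
    """True if every match option in the rule agrees with the packet."""
    if "-i" in rule and rule["-i"] != pkt["iface"]:
        return False
    if "-p" in rule and rule["-p"] != pkt["proto"]:
        return False
    if "--dport" in rule and int(rule["--dport"]) != pkt["dport"]:
        return False
    if "-s" in rule and ipaddress.ip_address(pkt["src"]) not in \
            ipaddress.ip_network(rule["-s"], strict=False):
        return False
    return True


def verdict(text, pkt):
    """First matching rule decides; otherwise the chain policy applies."""
    policy, rules = parse_ruleset(text)
    for rule in rules:
        if matches(rule, pkt):
            return rule["-j"]
    return policy
```

Running it shows that an SSH packet from `10.0.2.0/24` arriving on `eth1` is still dropped, because the `eth1` DROP rule sits above the ACCEPT, and that with the INPUT policy still at ACCEPT, SSH from any other source on `eth0` is also accepted, so the "only from 10.0.2.0/24" intent is not enforced until a later rule drops the remaining port-22 traffic.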