firewall not working as expected in kickstart

I have following line in kickstart for firewall firewall --enabled --service=ssh,glusterfs,tftp,ntp I am expecting tftp server should be accessible from other system, but it was only accessible from local server. firewall-cmd --list-services ssh dhcpv6-client i did following steps and it start working firewall-cmd --permanent --zone=public --add-service=tftp firewall-cmd --reload Why kickstart firewall command not working neither throwing any error **Update1:** After reply of @Gracefulrestart I tried following options and still no success firewall --enabled --service=ssh --service=glusterfs --service=tftp --service=ntp firewall --enabled --service={ssh,glusterfs,tftp,ntp} Output of list services is firewall-cmd --list-services ssh dhcpv6-client After adding manually firewall-cmd --permanent --zone=public --add-service=tftp firewall-cmd --list-services ssh dhcpv6-client tftp Following are logs excerpt from /var/log/anaconda/journal.log Apr 23 10:48:10 localhost program: Running... /usr/bin/firewall-offline-cmd --enabled --port=30083:tcp --port=9090:tcp --port=8080:tcp --service=tftp --service=ssh --service=glusterfs --service=ntp Apr 23 10:48:10 localhost systemd: Started Locale Service. Apr 23 10:48:10 localhost program: INVALID_SERVICE: 'glusterfs' not among existing services Apr 23 10:48:10 localhost program: Adding service 'tftp' to default zone. Apr 23 10:48:10 localhost program: Adding service 'ssh' to default zone. Apr 23 10:48:10 localhost program: ALREADY_ENABLED: ssh Apr 23 10:48:10 localhost program: Adding service 'glusterfs' to default zone. Apr 23 10:48:10 localhost program: Adding service 'ntp' to default zone. Apr 23 10:48:10 localhost program: Adding port '30083/tcp' to default zone. Apr 23 10:48:10 localhost program: Adding port '9090/tcp' to default zone. Apr 23 10:48:10 localhost program: Adding port '8080/tcp' to default zone. Apr 23 10:48:10 localhost program: Return code: 2