You can easily manage the firewall rules using puppet as puppet has puppetlabs-firewall module which is a pre-existing module that a user could install from puppet forge and customise it as per his need.
Since,firewall rules are applied with a top-to-bottom approach,the best way to manage firewall rules with Puppet is to divide them into pre and post groups to ensure Puppet checks them in the correct order.
Managing the firewall rules using puppet includes the following steps:
Install the puppetlabs-firewall module.
Write a module to define the firewall rules for your Puppet managed infrastructure.
Add the firewall module to the main manifest.
Enforce the desired state using the my_firewall class.
For a step by step procedure for the same you could refer to: https://puppet.com/docs/puppet/6.7/quick_start_firewall.html
The above link has all that you will need to know in order to manage the firewall rules using puppet.