The thing to remember is that firewall rules are checked in the order they are listed. The kernel will stop processing the chain when a rule is triggered that will either allow or dis-allow a packet or connection.
I think the most common mistake for novice firewall administrators is that they follow the correct instructions to open a new port, such as the one one you did
and then discover that it won’t take effect.
The reason for that is that the
-A option adds that new rule, after all existing rules and you probably have a higher priority existing rule that allows SSH.
Use -I to insert your new rules as the first in the chain and they will not be negated by existing rules, or rather , always look at your complete firewall config
See also Debugging iptables and common firewall pitfalls?