No, not the only way.
The firewalld.service / iptables.service / nftables.service are "scripts" that add firewall rules on every restart.
Now you have at least two "scripts" that run on or after every restart and do bits of the same task.
One is made for that task, other you have created yourself. That sounds very redundant.
Do you know for certain when your cronjob runs relative to all other participants that modify firewall rules?
"Everybody" knows what iptables.service does. Nobody (you included) remembers that you have a custom cronjob.