@vgaetera, if I’m reading @geffers’s post correctly, he actually doesn’t want his system allowing everything.
I absolutely second this!
@geffers, using/configuring firewalld is actually very simple (at least for simple things), the link @vgaetera provided will get you started in no time. And if you’re confused or want additional info – please don’t hesitate to ask.
And primarily I wanted to share this: Fedora’s default firewall configuration isn’t very good either – at least I don’t like it at all. By default for Fedora Workstation all the ports above 1064 are open.
You can verify it’s the case using this command:
sudo firewall-cmd --get-default-zone
If the answer is FedoraWorkstation – then the situation is what I’ve said above.
The simplest way to “shields up!” so to say – is to set default firewalld zone to public:
sudo firewall-cmd --set-default-zone=public
sudo firewall-cmd --runtime-to-permanent
Take notice that the public zone by default has port 22 open for sshd, also multicast DNS and dhcpv6-client open as well. You can easily tweak it, details are in @vgaetera’s link.
Me personally, I use my own firewalld zone (derived from public) with just the ports/services I need open. It’s very easy to do (and keep, and apply to new computers) with firewalld. I can provide additional pointers on how to keep/transfer your own customized configuration easily if you need it.
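A check to go with the post above, as an added example that is not part of the original post: rather than relying on the zone name, it flags wide port ranges in the space-separated list that `firewall-cmd --list-ports` prints. The function names, the 100-port threshold and the sample port list are assumptions made for this example.

```shell
#!/bin/sh
# Added example: flag wide port ranges in a firewalld port list.
# Input format: space-separated "port[-port]/proto" entries, as printed
# by `firewall-cmd --list-ports`.

# wide_ranges MIN_SPAN
# Reads port entries on stdin and prints every range covering at least
# MIN_SPAN ports, one per line, followed by the number of ports it spans.
wide_ranges() {
    min_span=${1:-100}
    tr -s ' ' '\n' | awk -F'[-/]' -v min="$min_span" '
        # Ranges split into 3 fields (low, high, proto);
        # single ports have only 2 fields and are skipped.
        NF == 3 && $1 ~ /^[0-9]+$/ && $2 ~ /^[0-9]+$/ {
            span = $2 - $1 + 1
            if (span >= min) printf "%s-%s/%s %d\n", $1, $2, $3, span
        }'
}

# audit_zone [ZONE]
# Checks a live system: ZONE defaults to the current default zone.
# Not called here, so the script also runs where firewalld is absent.
audit_zone() {
    zone=${1:-$(firewall-cmd --get-default-zone)}
    firewall-cmd --zone="$zone" --list-ports | wide_ranges 100
}

# Constructed sample port list (not taken from any real zone).
SAMPLE_PORTS='8080/tcp 5353/udp 20000-60000/udp 3000-3010/tcp'

printf '%s\n' "$SAMPLE_PORTS" | wide_ranges 100
```

On a real machine, call `audit_zone` (with sudo if firewall-cmd asks for authorization); no output means the zone has no port range of 100 ports or more open.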