What ports need to be open on a firewall to access the internet

Tags: dns, firewall, http, ping, port-forwarding

Let's say as the example that I have a firewall that blocks ALL ports from all sources/destinations.

What ports would I need to open to be able to successfully run:

ping google.com

…and are there any other ports I would have to open to be able to browse google.com via a browser?

I've tried opening port 53 (DNS), 80 (HTTP) and 443 (HTTPS); this is not enough. I am using iptables, but I am not asking how to configure this on iptables; I'm just asking which ports need to be open regardless of which port-based firewall you may be using.

Best Answer

For DNS, you need to allow UDP packets between any port on an IP address inside the firewall, and port 53 on an IP address outside the firewall.

For HTTPS, you need to allow TCP packets between any port on an IP address inside the firewall, and port 443 outside the firewall, or more rarely any port outside the firewall (some websites are not on the default port). For HTTP, it's the same with port 80.

TCP is a connected protocol; the two ends of the connection are not symmetric and firewalls usually distinguish between them. There's rarely any security reason to prevent outgoing connections except maybe to force outgoing email to go through a dedicated relay (to prevent infected machines from sending spam undetected). A typical basic firewall for a client machine allows all or most outgoing connections, and blocks incoming connections.

For ping, allow ICMP. You should allow all ICMP unless you have a specific reason to block certain kinds of packets. Blocking ICMP indiscriminately can make network problems hard to diagnose and can cause floods due to applications not getting proper error replies.

Here's a simple Linux firewall configuration suitable for a typical client machine that allows everything outgoing except SMTP to a machine other than smtp.example.com and blocks incoming TCP connections except on port 22 (SSH).

iptables -F INPUT
# Accept everything on localhost
iptables -A INPUT -i lo -j ACCEPT
# Accept incoming packets on existing connections
iptables -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
# Accept DNS replies
iptables -A INPUT -p udp --sport 53 -j ACCEPT
# Accept incoming SSH connections
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
# Reject everything else that's incoming
iptables -A INPUT -j REJECT
iptables -F OUTPUT
# Forbid outgoing SMTP except to a known relay
iptables -A OUTPUT -p tcp --dport 25 ! -d smtp.example.com -j REJECT
# Allow everything else that's outgoing (default policy for the chain)
iptables -P OUTPUT ACCEPT
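As an added illustration (not part of the original answer), here is a small Python model of the two approaches: a stateless filter that only matches destination ports, as in the question, and a stateful one that mirrors the conntrack rule in the answer. It shows why the first drops the DNS reply and the TCP SYN/ACK, which come back to an ephemeral port, while the second passes them. The packets, port numbers and the SSH exception are constructed for the example.

```python
from collections import namedtuple

# A packet as the filter sees it: direction relative to the host ("out"/"in"),
# transport protocol and ports (ICMP echo is modelled with ports 0/0).
Pkt = namedtuple("Pkt", "direction proto sport dport")

# Constructed traffic for "ping google.com" followed by an HTTPS fetch:
# resolver query and reply, echo request and reply, then a TCP SYN from an
# ephemeral port and the SYN/ACK coming back to that same port.
TRAFFIC = [
    Pkt("out", "udp", 40123, 53),
    Pkt("in", "udp", 53, 40123),
    Pkt("out", "icmp", 0, 0),
    Pkt("in", "icmp", 0, 0),
    Pkt("out", "tcp", 51432, 443),
    Pkt("in", "tcp", 443, 51432),
]


def port_only_filter():
    """The asker's attempt: permit packets whose *destination* port is
    53/80/443 in either direction; everything else (ICMP included) is blocked."""
    def allow(pkt):
        return pkt.dport in (53, 80, 443)
    return allow


def stateful_filter():
    """The answer's approach: any outgoing packet is allowed and its flow is
    recorded; an incoming packet is allowed only if it is the reverse of a
    recorded flow (iptables conntrack --ctstate ESTABLISHED) or is new SSH."""
    conntrack = set()

    def allow(pkt):
        if pkt.direction == "out":
            conntrack.add((pkt.proto, pkt.sport, pkt.dport))
            return True
        if (pkt.proto, pkt.dport, pkt.sport) in conntrack:  # reply to our flow
            return True
        return pkt.proto == "tcp" and pkt.dport == 22  # new inbound SSH
    return allow


def dropped(filter_factory, traffic=TRAFFIC):
    """Run traffic through a fresh filter and return the packets it drops."""
    allow = filter_factory()
    return [p for p in traffic if not allow(p)]
```

Run dropped(port_only_filter) to see the four packets the stateless rules lose; dropped(stateful_filter) returns an empty list for the same traffic.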