We can edit the firewall settings after you spot which ports you need to open. We can do this the same way as in this guide's system setup section.
Log in to your node if you are not already connected:
ssh <ssh-device-alias>I will open all public ports used for the Geth and Prysm clients. Prysm is needed as it is the only fully supported validator for the LUKSO CLI for now. Since I choose stability over performance, I choose Geth, based on the warning notices from Erigon's repository.
# Geth or Erigon Execution Chain Data Channel
sudo ufw allow 30303/tcp
# Geth or Erigon Execution Chain Discovery
sudo ufw allow 30303/udp
# Prysm Beacon Gossip, Requests, and Responses
sudo ufw allow 13000/tcp
# Prysm Beacon Discovery, Requests, Data Exchange
sudo ufw allow 12000/udp
# Lighthouse or Teku Beacon Communication and Data
sudo ufw allow 9000/tcp
sudo ufw allow 9000/udpThe output of each command should always show:
Rule added
Rule added (v6)Now we can verify our firewall configuration as we did previously. If something is missing or configured wrong, look into the firewall section firewall section of the system's setup.
sudo ufw statusThe output for Geth and Prysm should look similar to the one underneath. Please note that <preferred-ssh-port> will be exchanged with your actual SSH port.
Status: active
To Action From
-- ------ ----
<preferred-ssh-port>/tcp ALLOW Anywhere
30303/tcp ALLOW Anywhere
30303/udp ALLOW Anywhere
13000/tcp ALLOW Anywhere
12000/udp ALLOW Anywhere
<preferred-ssh-port>/tcp (v6) ALLOW Anywhere (v6)
30303/tcp (v6) ALLOW Anywhere (v6)
30303/udp (v6) ALLOW Anywhere (v6)
13000/tcp (v6) ALLOW Anywhere (v6)
12000/udp (v6) ALLOW Anywhere (v6)
If your client ports match, they are allowed from the node's point of view. In the next step, we need to enable inputs from the router's side.