Linux firewall rules (iptables)

I recently found my way to Lbry, amazing!

What firewall rules should I have?
I’m basing my firewall on an iptables script.

I’ve visited this site: https://lbry.com/faq/startup-troubleshooting
but it doesn’t say if port 50001 is UDP or TCP.

These are my firewall rules (I’m just guessing), do they seem correct or do I have to change them somehow?

Default policies

iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP

Connection tracking

iptables -A INPUT -m conntrack --ctstate INVALID -j DROP
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

Allow 3-way handshake

iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

Output rules

iptables -A OUTPUT -p tcp --dport 3333 -j ACCEPT
iptables -A OUTPUT -p udp --dport 4444 -j ACCEPT
iptables -A OUTPUT -p tcp --dport 50001 -j ACCEPT

Do I have to open up any INPUT ports considering I have enabled 3-way handshakes?

Your iptables rules might not be correct as you need to have both inbound and outbound rules set.

INPUT:

  • 3333 TCP
  • 4444 UDP

OUTPUT:
Usually you might want to use an open policy for this, however if you prefer to have a BLOCK policy you’ll have to open up these ports (and I might be forgetting some):

  • 80 TCP
  • 443 TCP
  • 50001 TCP
  • 5566 TCP
  • 5567 TCP
  • 4444 UDP

Let me know if that works for you.

1 Like
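A script that assembles the port list from the answer above into a reviewable iptables ruleset, added here as an example that is not from either poster. The loopback and DNS (udp/53) rules are assumptions added because a DROP OUTPUT policy otherwise breaks local daemon traffic and hostname resolution; neither is mentioned in the thread.

```shell
#!/bin/sh
# Added example: emit the IPv4 iptables commands for the ports listed in the
# answer, so the ruleset can be read (or diffed) before it is applied as root.
IPT="iptables"

# Ports from the answer: inbound ports the LBRY node must accept, and the
# outbound ports it must be allowed to reach under a DROP OUTPUT policy.
IN_TCP="3333"
IN_UDP="4444"
OUT_TCP="80 443 50001 5566 5567"
OUT_UDP="4444"

gen_rules() {
    echo "$IPT -F"
    echo "$IPT -P INPUT DROP"
    echo "$IPT -P OUTPUT DROP"
    echo "$IPT -P FORWARD DROP"
    # Loopback (assumption, not in the thread): local client <-> daemon
    # traffic would otherwise hit the DROP policies.
    echo "$IPT -A INPUT -i lo -j ACCEPT"
    echo "$IPT -A OUTPUT -o lo -j ACCEPT"
    # Connection tracking: one conntrack match per chain replaces the
    # duplicated -m state lines in the question.
    echo "$IPT -A INPUT -m conntrack --ctstate INVALID -j DROP"
    echo "$IPT -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    echo "$IPT -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # DNS (assumption, not in the thread): needed to resolve peer hostnames.
    echo "$IPT -A OUTPUT -p udp --dport 53 -j ACCEPT"
    # Only NEW TCP connections need an explicit rule; replies are covered above.
    for p in $IN_TCP;  do echo "$IPT -A INPUT -p tcp --dport $p -m conntrack --ctstate NEW -j ACCEPT"; done
    for p in $IN_UDP;  do echo "$IPT -A INPUT -p udp --dport $p -j ACCEPT"; done
    for p in $OUT_TCP; do echo "$IPT -A OUTPUT -p tcp --dport $p -m conntrack --ctstate NEW -j ACCEPT"; done
    for p in $OUT_UDP; do echo "$IPT -A OUTPUT -p udp --dport $p -j ACCEPT"; done
}

# Check: does the generated ruleset ACCEPT a given chain/proto/port?
# Usage: allows INPUT tcp 3333   (exit 0 if a matching ACCEPT rule exists)
allows() {
    gen_rules | grep -q -- "-A $1 .*-p $2 --dport $3 .*-j ACCEPT"
}

# Review first, then apply as root:  gen_rules | sh
gen_rules
```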