\n
![\"\"](\"https:\/\/fullscale4me.com\/wp-content\/uploads\/2025\/06\/Samba-445-300x236.jpg\")
<\/p>\nThe “Firewall Configuration” is a GUI app (gufw) used for the configuration of the “Uncomplicated Firewall”, aka UFW. This makes it a simple task for novice users to configure their firewall. This GUI app (gufw) is installed by default in MX Linux Xfce and MX Linux Fluxbox only.<\/p>\n
KDE<\/b> <\/b>users<\/b> <\/b>should<\/b> <\/b>search<\/b> <\/b>in<\/b> the <\/b>MX P<\/b>ackage <\/b>I<\/b>nstaller<\/b> <\/b>for<\/b> <\/b>the<\/b> <\/b>package named \u2018gufw\u2019. <\/b>Install this GUI app<\/b> <\/b>to get the <\/b>\u2018<\/b>Firewall Configuration\u2019 app <\/b>referenced in this section<\/b>.<\/p>\n
Starting in MX Linux 23, the Firewall is enabled and set to ignore all Incoming connections. This may prevent the discovery of printers and some popular applications from working correctly. Programs may wait a long time to connect and never do so, or give an error message. Some of these error messages are not very clear.<\/p>\n
Samba uses just port 445 with the TCP protocol for the latest versions of Windows. To configure a ‘Simple’ exception rule for Samba:
\n<\/p>\n
Samba Note<\/b>: There are many other guides that show more ports being opened for older versions of Samba. Opening the<\/i>se<\/i> additional port ranges <\/i>can<\/i> result in Malware a<\/i>ffliction<\/i>.<\/i><\/p>\nAdding a ‘Preconfigured’ firewall exception rule (example \u2013 DNS)<\/h4>\n
![\"\"](\"https:\/\/fullscale4me.com\/wp-content\/uploads\/2025\/06\/dns-300x197.jpg\")
<\/p>\n
<\/p>\n
* Avahi 5353 UDP a mDNS (aka Bonjour) provider – use Preconfigured rule: ‘PLEX Avahi discovery’. *<\/b> = Use the “Preconfigured” application rule for these.<\/p>\n \u2020 = Enabling the above additional port ranges *MAY* result in data loss, Ransomware, Malware (such as WannaCry), and or privacy issues. TCP on ports 136 and 138 no longer implemented.<\/p>\n \u2021 = The printer connection, if connected to via Samba (default for a shared printer) *may* require opening port 445 on TCP on PCs not hosting the printer connection.<\/p>\n More ports<\/b> https:\/\/www.linuxtrainingacademy.com\/ports\/<\/a><\/p>\n Please direct ALL support requests to the MX Linux Forum — https:\/\/forum.mxlinux.org<\/a><\/p>\n Created <\/b>by FullScale4Me<\/b>: June, 2023 Update<\/b>d<\/b>: October 3, 2025<\/p>\n","protected":false},"excerpt":{"rendered":" Uncomplicated Firewall configuration The “Firewall Configuration” is a GUI app (gufw) used for the configuration of the “Uncomplicated Firewall”, aka UFW. This makes it a simple task for novice users to configure their firewall. This GUI app (gufw) is installed by default in MX Linux Xfce and MX Linux Fluxbox only. KDE users should search … Read more<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_sitemap_exclude":false,"_sitemap_priority":"","_sitemap_frequency":"","footnotes":""},"categories":[4],"tags":[],"class_list":["post-198","post","type-post","status-publish","format-standard","hentry","category-mx-linux"],"acf":[],"_links":{"self":[{"href":"https:\/\/fullscale4me.com\/index.php\/wp-json\/wp\/v2\/posts\/198","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/fullscale4me.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/fullscale4me.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/fullscale4me.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/fullscale4me.com\/index.php\/wp-json\/wp\/v2\/comments?post=198"}],"version-history":[{"count":28,"href":"https:\/\/fullscale4me.com\/index.php\/wp-json\/wp\/v2\/posts\/198\/revisions"}],"predecessor-version":[{"id":377,"href":"https:\/\/fullscale4me.com\/index.php\/wp-json\/wp\/v2\/posts\/198\/revisions\/377"}],"wp:attachment":[{"href":"https:\/\/fullscale4me.com\/index.php\/wp-json\/wp\/v2\/media?parent=198"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/fullscale4me.com\/index.php\/wp-json\/wp\/v2\/categories?post=198"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/fullscale4me.com\/index.php\/wp-json\/wp\/v2\/tags?post=198"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\nChrome Remote Desktop TCP port 443 and TCP\/UDP 3478
\nChrony UDP 123 UDP 323
\nCIFS (Common Internet File System) TCP ports 139 and 445. \u2020<\/b>
\n* CUPS IPP\/PPS printing 631 TCP More – https:\/\/www.cups.org\/doc\/firewalls.html<\/a> \u2021<\/b>
\nAppSocket\/JetDirect printing 9100-9102 TCP
\n* DHCP UDP port 67 on the server side.
\nUDP port 68 on the client<\/b> side. Preconfigured rule adds port 67 only.
\n* DNS 53 TCP & UDP
\n* DropBox TCP 90. 443, 17600 & 17601 (3rd pty file apps). TCP 17500 LAN Sync feature.
\nDuckto 4644
\n* FTP 20 & 21
\nHplip 5353 UDP
\n* Internet Printing Protocol aka IPP uses TCP with port 631. (Use ‘CUPS’ pre-configured rule).
\n* KDE Connect – port range 1714-1764 for UDP and TCP
\nLocalSend 53317 TCP & UDP
\n* IRC 6697 (IRC SSL)
\n* mDNS 5353 UDP DNS Lookup. Preconfigured rule: ‘Multicast DNS’
\n* Minecraft 25,565
\n* NFS 111 & 2049 TCP & UDP (Web NFS)
\n* NTP\/SNTP\/Chrony UDP 123 Chrony adds UDP 323
\nOpenVPN 1194 TCP & UDP
\nPC Anywhere 5631
\nPrinting & SMB Printer sharing – see CUPS above.
\nPlex Media Server TCP: 32400
\nRemote Desktop 3389 TCP & UDP – enables acceleration. (RDP > 8.0)
\n* Samba (pre 2012 devices – SMB1\/NT1) UDP ports 137 & 138; TCP ports 135, 137. 139 & 445. \u2020<\/b>
\nSamba modern: SMB version 2 & SMB version 3 implementations TCP port 445
\n* SANE 6566, 54921 Preconfigured rule: ‘SANE Scanner’
\nScrcpy 5555 TCP
\nSMB Printing see CUPS above.
\nSpotify uses port 4070 TCP by default. If it is unable to connect on that port, it will roll to port 443, then port 80
\n* SSH 22
\nSyncthing 22000 TCP & UDP – host-to-host 9806 8384
\n* Teamviewer TCP\/UDP 5938, TCP 443, TCP 80
\n* Transmission 51413.
\nUpnP (Universal Plug n Play) 1900 UDP also 80, 5431 & 49152
\n* VNC 5500\/5900\/5901 both.
\nWarpinator 42000 and 42001 Flatpack adds 5353 UDP
\nWINS 137 UDP
\nWormhole\/Magic Wormhole connection to ‘Mailbox’ aka Rendezvous Server 4000 & 4001
\nWSDD port 5357 TCP and port 3702 UDP – Add as two ‘Simple’ type rules.<\/p>\n