FWIW, if you implement firewall blocking with iptables, you can use chains to handle this. in my setup, I have an "acme" rule at the top of the configuration that opens the required ports. i just turn the rule on/off and flush to enable/disable.
5 Likes