Thanks @loup001
I just made the changes to the /etc/httpd/conf/listen.conf as mentioned in
Ports 81 and 444 no longer display tcp6 listening, but I am still able to connect to the ipFire’s WebUI from the other PC.
So somehow the rule doesn’t work. Either something is wrong with my rule, or there is something else somewhere that allows this to accept before this rule is checked.
EDIT:
I’ve figured out why the rule works for port 222 and not 444
There’s a iptable entry GUIINPUT, which comes 3 chains before the INPUTFW (where the WebGUI rules are located), and this entry allows all GREEN to accept 444.
Looks like I’ll need to add this somehow to the CUSTOMINPUT chain, way up on the table, once I figure out how …