lokkit is another way to open some ports to the public.
$ sudo lokkit --list-services
to see what services/ports can be managed/opened using lokkit. For me it's quite common to open ports for ssh, ipsec and mdns afer a fresh installation
$ sudo lokkit -s ssh $ sudo lokkit -s mdns $ sudo lokkit -s ipsec
Let's see if there will be something new in the near future to handle - somtimes quite complex (see virtualization) - iptable setups.