# Firewall Settings Table
directionportprofile / layer description
inbound9000Layer0public API
inbound9001Layer0peer to peer API
inbound9010Layer1public API
inbound9011Layer1peer to peer API
outboundallTune to your needs
SSH22Enable remote access to your VPS or server to manage your node effectively.
For enhanced security, consider configuring SSH to use a custom port instead of the default port 22. This adds an extra layer of obscurity, reducing exposure to automated scanning and brute-force attempts.
{% hint style="warning" %} The public and p2p ports mentioned above are customizable if desired to fit your needs. The default port settings are listed to adhere to the default settings used by nodectl and recommended by the protocol. {% endhint %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.constellationnetwork.io/run-a-node/references/firewall-settings-table.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.