Just needed to know if all the ports above 1024 are closed by default. I know that below 1024 the ports are reserved for the kernel and ports above 1024 are reserved for user applications.
But by default, if I do not have a rule in my firewall to block ports above 1024, Will my system accept incoming or outgoing traffic?. (I think outgoing YES).
To see what processes are listening on what ports, use netstat, eg for a telephony server @ my shop:
[root@server ~]# netstat -tlnp | head -5
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:199 0.0.0.0:* LISTEN 30962/snmpd
tcp 0 0 0.0.0.0:8009 0.0.0.0:* LISTEN 6051/java
tcp 0 0 0.0.0.0:4201 0.0.0.0:* LISTEN 6051/java
[root@server ~]# netstat -ulnp | head -5
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
udp 0 0 0.0.0.0:19342 0.0.0.0:* 6123/asterisk
udp 0 0 0.0.0.0:19343 0.0.0.0:* 6123/asterisk
udp 0 0 0.0.0.0:161 0.0.0.0:* 30962/snmpd
[root@server ~]#
As you can see, this is listening on ports over 1024. There are many other things to notice. 'man netstat' for more options.
This is much more important than your firewall. Turn off all but unneccessary services. For instance, I betcha that "cupsd" is running. You don't want that unless the box in question is a printserver, listening on the IP associated w/the configured interface.
As to your firewall, you're going about the whole thing the wrong way. You want to DROP packets by default, then add your allow rules. To this end, this is typically found at the beginning of a firewall script / config file:
*filter
:FORWARD DROP [0:0]
:INPUT DROP [0:0]
:OUTPUT ACCEPT [0:0]
BTW, "DROP" is pref'd over "REJECT". REJECT returns a "nobody home". DROP drops the packets silently. Suggest you man iptables. Google the "Unreliable Guides" by the module's author. Also, there are many sample firewalls out there.