Open ports are ports that are open to the world. Often these open ports provide an open window into your home, you should have as little of these possible.
There are two lists displayed here.
- Ports detected using UPNP protocol. These are opened by another device via the UPnP protocol. If you tap into it, Firewalla will provide details. If you do not need this, you can block it. Blocking such service may slow down
- Next open ports list is done through an external scan. These are ports are very likely to be opened by you using port mapping on the router. (or by the router). If you do not know why these ports are open, please check your router ‘port mapping’ settings.
External scan ports may be limited due to filtering done by ISP's. The external scan is done by another Firewalla server in the cloud, this server may either do a deep scan or a shallow scan. In shallow scan, it will only scan the well-known ports. (ssh, https, http ...)
Tutorial on how to handle Open Port alarms.
Further questions, https://help.firewalla.com/hc/en-us/community/topics