The only way to see what the outside world sees is to run a port scan using an external address, not on the system. Use nmap for that.
On the same machine, we can ask netstat.
Code:
# Open ports with listeners, not localhost
$ ss -lnt|egrep -v 127
$ netstat -tunl|grep LISTEN|grep -v 127
$ sudo netstat -tulpn |grep LISTEN|grep -v 127
Note which need and don't need sudo.