Hi all,

I would like to set up a strict firewall for an Ubuntu-based machine that is just used for web browsing. I would appreciate if some of the forum gurus could review the setup below. I created the rules in GUFW and provided below the output from "sudo ufw status verbose". I also reorganized the output for easy reference and added a few questions. FYI, I have a dynamic IPv6 address.

Code:
Status: active
Logging: on (low)
Default: deny (incoming), deny (outgoing), disabled (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
Web browsing rules. Do I need all 4 rules below if I only have the IPv6 address?
80/tcp                     ALLOW OUT   Anywhere     
80/tcp (v6)                ALLOW OUT   Anywhere (v6) 
443/tcp                    ALLOW OUT   Anywhere     
443/tcp (v6)               ALLOW OUT   Anywhere (v6)

DNS rules. Do I need both rules below if I only have the IPv6 address?
53                         ALLOW OUT   Anywhere     
53 (v6)                    ALLOW OUT   Anywhere (v6)

DHCP rules. Should I delete or modify any of the 2 rules below (for instance by adding the v6 or v4 equivalents)?
67:68/udp                  ALLOW OUT   Anywhere
546:547/udp (v6)           ALLOW OUT   Anywhere (v6)

Ntpd rules. Do I need this for time synchronization in Ubuntu? Is there a reason why I should/shouldn't keep this?
123/udp                    ALLOW OUT   Anywhere                   
123/udp (v6)               ALLOW OUT   Anywhere (v6) 

Are there any other ports I should open that are crucial to the operation of Ubuntu?