Nice You have searched and have found something!
But these images are made for development. Commonly, as I know, development builds have lax security builtin for easier tracking. These are not made for production systems.
Kde Connect would be completely dysfunctional if you enable a firewall here at the beginning. As I remember (I am not a KDE User at all),
KDE Connect pairs it devices for sharing. So it gets authenticated by a key, which has been shared at first connect. So you want to make a service dysfunctional at the beginning which is designed to be always on?
Authentication: Keyfile only
Connection: TLS Encryption
Behavior: You have to allow each device explicitly.
So at the end, the only DE, which has one open port, is KDE. Don’t get me wrong, KDE is a great piece of software, but it aims to be like WindBlows and adapt also bad behaviors. So I am not a fan of KDE at all.
You want to block bittorrent? Seriously? I mean, to block certain IPs, there is commonly used a blocklist, but the whole Port Range? Funny I hear the user crying in my mind: “Why is bittorrent not working? Shit Linux, it blocks everything.”
So @alven please explain, why you would block bittorrent or KDEConnect as a common user instead of removing it or just stopping/disabling the service?