SOLVED - New Appliance 60 - Errors, no audio and unable to connect inbound or outbound!

I wrestled with the Firewall in FreePBX 13 for a couple of weeks.

The nutshell version is to run the Wizard, then start from the bottom and work your way up.

Once the wizard is done running, go to the “Zones” and set up your blacklisted zones (if you have any).

Next, set up your trusted Networks. Get these right the first time and your life should be reasonably simpler. Mark all of your trusted zones as “trusted”. Mark your Internal network as “Internal” as well. Do not save any as “blank” - I did that and it took me two weeks to get it fixed (I ended up in the FreePBX database doing database updates by hand to fix that).

Next, go into your interfaces and mark the Internal and External interfaces.

After you get those set up, go into services and set up the ports that you need open. In theory, if you set up your VoIP provider as a trusted network, you shouldn’t need to do anything to the services, but that may or may not be true. Set up your inbound port number (assuming you changed your local SIP connections away from 5060) or numbers (if you are using both Chan_SIP and PJSIP). Open your UDP port addresses for RTP as well.

Once you get done with all of that, but before you actually start the firewall up, check to see if you have the SysAdmin module installed. The “Intrusion Detection” option in there may or may not mess with the Integrated Firewall. I did find that setting the whitelist and blacklist in there was much more effective than the integrated firewall, but I think that both of them may be needed, even though the Firewall module implies that we should just trust it and that it’s got it covered.

One note - at some point, the firewall module may decide to switch your internal and external interfaces around. At this point, I’m pretty sure you are hosed, but a hardware reboot should solve your problem there. Also, even though you may stop the firewall at the command line (to get something working), the system may decide that you really meant that you wanted it on and will restart it for you for no good reason. Just go with it.

Have fun and enjoy.