If you are setting up a firewall, you should take the effort to go through the ports to learn what you are allowing and not allowing. I don't claim to be a security expert, but here's some info...
For example (with a couple additional to consider):
20 - ftp-data (I don't know of any reason you need to allow this as I believe this is always initiated outgoing)
21 - ftp
22 - ssh
25 - smtp mail
26 - smtp alternate port (enable if you enabled exim on port 26)
53 - dns (transfers require TCP)
80 - http
110 - pop3
143 - imap
443 - http ssl
465 - smtp ssl (enable if you want to allow secure smtp)
993 - imap ssl
995 - pop3 ssl
1040 - I'm not sure what you would have running on that port
2082 - cPanel
2083 - cPanel ssl
2084 - not sure what you would have there
2086 - whm
2087 - whm ssl
2095 - webmail
2096 - webmail ssl
30000_35000 - typical port range to allow PASV ftp access
Based on that, decide what you want to allow.
2. UDP Ports
You really only need port 53 open to allow DNS queries. 20, 21 (ftp) don't need to be open for FTP to work. 37 is time server, 873 is rsync (so only open along with TCP if you need to rsync from another machine, but I'd recommend against that... use rsync over SSH instead).
If you want incoming traceroutes to work, you need to open ports for that... something like:
Otherwise the last hop (your server) will never respond.
Make good use of the command "netstat -nlp" (as root for the "p" to work) to see what you have running on your server and on which ports. And use /etc/services to help you identify what each port is generally used for.
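The check described above, as an added example that is not part of the original post: this Python script parses `netstat -nlp` output and compares the listeners with the ports a firewall allows, written in the post's `30000_35000` range notation. The sample output, the allow-lists and the function names are constructed for illustration.

```python
# Constructed sample of `netstat -nlp` output (not captured from a real server).
SAMPLE_NETSTAT = """\
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address      Foreign Address    State    PID/Program name
tcp        0      0 0.0.0.0:22         0.0.0.0:*          LISTEN   812/sshd
tcp        0      0 0.0.0.0:80         0.0.0.0:*          LISTEN   1040/httpd
tcp        0      0 127.0.0.1:3306     0.0.0.0:*          LISTEN   955/mysqld
tcp        0      0 0.0.0.0:2084       0.0.0.0:*          LISTEN   1501/mystery
tcp6       0      0 :::443             :::*               LISTEN   1040/httpd
udp        0      0 0.0.0.0:53         0.0.0.0:*                   700/named
udp        0      0 0.0.0.0:123        0.0.0.0:*                   620/ntpd
"""
# Constructed allow-lists: what the firewall is assumed to let in.
ALLOWED = {"tcp": "22,80,443,2082,30000_35000", "udp": "53"}

def parse_ports(spec):
    """Turn '22,80,30000_35000' into [(22, 22), (80, 80), (30000, 35000)]."""
    ranges = []
    for item in filter(None, (s.strip() for s in spec.split(","))):
        lo, _, hi = item.partition("_")
        ranges.append((int(lo), int(hi or lo)))
    return ranges

def audit(netstat_text, allowed):
    """Return (not_allowed, unused, local_only) for the given listeners."""
    rules = {p: parse_ports(s) for p, s in allowed.items()}
    exposed, local_only = {}, []
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) < 5 or f[0] not in ("tcp", "tcp6", "udp", "udp6"):
            continue  # skip headers and UNIX-socket lines
        proto = f[0].rstrip("6")
        addr, _, port = f[3].rpartition(":")  # also handles ':::443'
        prog = next((x for x in f[5:] if "/" in x), "-")  # '-' when not root
        if addr.startswith("127.") or addr == "::1":
            local_only.append((proto, int(port), prog))  # not reachable remotely
        else:
            exposed[(proto, int(port))] = prog
    # Services listening on a public address that the allow-list does not cover.
    not_allowed = sorted((p, n, prog) for (p, n), prog in exposed.items()
                         if not any(lo <= n <= hi for lo, hi in rules.get(p, [])))
    # Allowed ports or ranges with nothing listening: candidates to close.
    unused = sorted((p, lo, hi) for p, rs in rules.items() for lo, hi in rs
                    if not any(q == p and lo <= n <= hi for q, n in exposed))
    return not_allowed, unused, local_only

if __name__ == "__main__":
    for label, rows in zip(("not allowed", "unused", "loopback only"),
                           audit(SAMPLE_NETSTAT, ALLOWED)):
        print(label, rows)
```

A passive FTP range shows up as unused whenever no transfer is in progress, so treat that entry as expected rather than as a port to close.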