I’ve seen this page by RTI which might be useful: https://community.rti.com/content/forum-topic/statically-configure-firewall-let-omg-dds-traffic-through
It has a spreadsheet for calculating the ports used by RTI Connext (one of the supported ROS 2 middleware implementations) which might also apply to other vendors. I haven’t used it myself.
Morgan mentioned the domain ID - note that the participant ID that’s used in these equations isn’t currently exposed/set by ROS 2, but it may be set by vendor-specific config files.