Your issues with firewall are likely because Oracle is, essentially, using firewalld rules for all their images, even ones that don't have it included. So if you are running on Ubuntu, and trying to use ufw like most tutorials will recommend you do, it will do nothing with the default iptables entires and be essentially useless. And the bigger problem is that some of their rules are required to start to VMs (they need iSCSI access rules on boot)
The easy solution is to just give in to Oracle's config and install firewalld:
sudo apt install firewalld sudo systmctl enable --now firewalld(And ensure ufw is disabled)
You can then manage rules using firewall-cmd. For example:
sudo firewall-cmd --permanent --add-service={http,https} sudo firewall-cmd --reloadWill allow http/https traffic.
The second option is the one I assume you tried: fix iptables and use ufw. But this is a bit more complex than it seems.
First issue is that IIRC the iptables rules will be applied again on reboot. Now, cloud init can be disabled, but there is another issue - the iSCSI rules.
The official Oracle workaround for ufw potentially making the VMs unbootable is "don't use ufw" (https://docs.oracle.com/en-us/iaas/Content/knownissues.htm#ufw), and while you should be able to just ensure everything is correctly configured with ufw, I honestly stopped bothering. firewalld works fine for me, so, like Oracle, I would recommend that route instead.
Additionally there is separate OCI networking and their firewall. You have to remember that Network Security Groups override Security Lists, so if you have one assigned to your VNIC, you need to edit it instead of the subnet-wide SL.
If there is something else specifically you need help with you'll need to give more details - this post is just based on a guess you have the common issues.
