Connections among nodes in a Hadoop cluster should not be restricted.
Many ports used within the cluster by various components are dynamic and are not even known until install occurs.
If you want to set firewall rules for external access to the cluster, and you want to know all the ports to restrict, see the following:
If you employ Kerberos for authentication, which is a must for truly secure clusters, Kerberos already identifies users, services and machines.
I found this blog to be informative for iptables for Hadoop clusters: http://jason4zhu.blogspot.com/2014/11/configure-firewall-iptables-for-hadoop-cluster.html
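The policy described in the answer above (cluster peers unrestricted, external access limited to chosen ports), sketched as an added example that is not part of the original answer or the linked blog. The function name `hadoop_fw_rules`, the addresses and the port numbers are constructed assumptions; the script only prints an `iptables-restore` ruleset and applies nothing.

```shell
#!/usr/bin/env bash
# Emit an iptables-restore ruleset for one Hadoop node (prints only).
#   $1  space-separated cluster node addresses   (assumed values)
#   $2  CIDR that external clients connect from  (assumed value)
#   $3  space-separated TCP ports exposed to that CIDR (site-specific)
hadoop_fw_rules() {
    local nodes client_cidr ports n p
    nodes="$1"; client_cidr="$2"; ports="$3"

    # Validate every port before emitting anything, so a bad argument
    # never yields a half-written ruleset.
    for p in $ports; do
        case "$p" in
            ''|*[!0-9]*) echo "invalid port: $p" >&2; return 1 ;;
        esac
        if [ "$p" -lt 1 ] || [ "$p" -gt 65535 ]; then
            echo "port out of range: $p" >&2; return 1
        fi
    done

    echo "*filter"
    echo ":INPUT DROP [0:0]"      # default deny for inbound traffic
    echo ":FORWARD DROP [0:0]"
    echo ":OUTPUT ACCEPT [0:0]"
    echo "-A INPUT -i lo -j ACCEPT"
    echo "-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"

    # Cluster peers: all ports and protocols, because many component
    # ports are dynamic and not known until install.
    for n in $nodes; do
        echo "-A INPUT -s ${n} -j ACCEPT"
    done

    # External access: only the listed TCP ports, only from the client range.
    for p in $ports; do
        echo "-A INPUT -s ${client_cidr} -p tcp -m tcp --dport ${p} -j ACCEPT"
    done

    echo "COMMIT"
}

# Constructed sample values; substitute the site's own nodes and ports.
hadoop_fw_rules "10.0.0.11 10.0.0.12 10.0.0.13" "192.0.2.0/24" "8020 8088"
```

Review the output and load it with `iptables-restore` only from a console session, since the default `DROP` policy also blocks SSH unless its port is in the exposed list.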
Very common question, thanks for sharing!