diff --git a/site-cookbooks/ipfs/attributes/default.rb b/site-cookbooks/ipfs/attributes/default.rb
index 301d7c2..d28241c 100644
--- a/site-cookbooks/ipfs/attributes/default.rb
+++ b/site-cookbooks/ipfs/attributes/default.rb
@@ -1,5 +1,5 @@
-node.default['ipfs']['version'] = "0.4.9"
-node.default['ipfs']['checksum'] = "ae50c760f58548adc7c6dade4cf549059b6bc73ebc25ff4ea9fece06a15ac0a6"
+node.default['ipfs']['version'] = "0.4.15"
+node.default['ipfs']['checksum'] = "48a81cfc34d3a12c8563dbdfae8681be6e4d23c0664d6a192bc2758c4e4ef377"
 # Do not contact local network addresses. This will stop platforms like Hetzner
 # to block your server (https://github.com/ipfs/go-ipfs/issues/1226)
 node.default['ipfs']['config']['swarm']['addr_filter'] = ["/ip4/10.0.0.0/ipcidr/8", "/ip4/100.64.0.0/ipcidr/10", "/ip4/169.254.0.0/ipcidr/16", "/ip4/172.16.0.0/ipcidr/12", "/ip4/192.0.0.0/ipcidr/24", "/ip4/192.0.0.0/ipcidr/29", "/ip4/192.0.0.8/ipcidr/32", "/ip4/192.0.0.170/ipcidr/32", "/ip4/192.0.0.171/ipcidr/32", "/ip4/192.0.2.0/ipcidr/24", "/ip4/192.168.0.0/ipcidr/16", "/ip4/198.18.0.0/ipcidr/15", "/ip4/198.51.100.0/ipcidr/24", "/ip4/203.0.113.0/ipcidr/24", "/ip4/240.0.0.0/ipcidr/4"]
diff --git a/site-cookbooks/ipfs/metadata.rb b/site-cookbooks/ipfs/metadata.rb
index 92e7b3e..bb1868c 100644
--- a/site-cookbooks/ipfs/metadata.rb
+++ b/site-cookbooks/ipfs/metadata.rb
@@ -9,3 +9,4 @@ version          '0.1.0'
 supports %w(ubuntu debian)
 
 depends 'ark'
+depends 'firewall'
diff --git a/site-cookbooks/ipfs/recipes/default.rb b/site-cookbooks/ipfs/recipes/default.rb
index ed48382..3aa72aa 100644
--- a/site-cookbooks/ipfs/recipes/default.rb
+++ b/site-cookbooks/ipfs/recipes/default.rb
@@ -7,6 +7,8 @@
 # All rights reserved - Do Not Redistribute
 #
 
+include_recipe 'firewall'
+
 version = node["ipfs"]["version"]
 
 ark "ipfs" do
@@ -72,6 +74,12 @@ else
   end
 end
 
+firewall_rule 'ipfs_swarm_p2p' do
+  port     4001
+  protocol :tcp
+  command  :allow
+end
+
 # Configure ipfs to not contact local network addresses
 ipfs_config "Swarm.AddrFilters" do
   value node['ipfs']['config']['swarm']['addr_filter']