I use nmap combined with watch to continually try the port I am interested in:
watch -n 5 "nmap -P0 -sT -p5666 www.service-labs.com"
for UDP pings it is almost the same:
watch -n 5 "nmap -P0 -sU -p5666 www.service-labs.com"
As you can see, UDP pings are done the same as TCP pings except for the -sU instead of -sT. nmap can take a while to timeout so it’s better to tell watch to wait 5 seconds before the next attempt. This is NOT a perfect solution. It will only help you determine if the packets are arriving and leaving the target server.
If you do not have tcpdump running on the target end then you will not be able to tell if the/a firewall is the problem or if the target system is the problem.
While the above is running just start making your changes. This is a simple way to get certain firewall rules worked out.