Yes you can do that i was just showing how the firewall works even if you change the SSH port i would still be running a firewall to help prevent attacks. Also just changing the port SSH is running on does not make your box "Secure" just means that most automated scripts will not see it, The firewall can allow you to block port scans as well as limit the number of times some one can connect to your SSH or other services like FTP. But any ways you are correct in that changing the port of SSH it easier the setting up the firewall.