From: Brett Glass
Date: Thu, 11 Dec 2003 20:12:49 -0700 (MST)
Message-Id: <200312120312.UAA10720@lariat.org>
To: net@freebsd.org
Subject: Controlling ports used by natd
List-Id: Networking and TCP/IP with FreeBSD

Is there a way to control the range of ports to which FreeBSD's natd maps outgoing connections?

I'm attempting to deal with a situation in which natd is (sometimes) changing outgoing UDP packets' source port numbers to ones which are commonly used by worms. Sometimes, a firewall at the destination blocks the packet; at other times, the response is blocked on the way back.

If it is possible to tell natd to avoid using ports that are firewalled, it ought to be possible to avoid this problem. But I can find no way to do this. Does one exist?

--Brett Glass