Date: Fri, 12 Dec 2003 07:26:28 -0600
From: "Jacques A. Vidrine" <nectar@FreeBSD.org>
To: Brett Glass <brett@lariat.org>
Cc: net@freebsd.org
Subject: Re: Controlling ports used by natd
Message-ID: <20031212132628.GB19204@madman.celabo.org>
In-Reply-To: <200312120312.UAA10720@lariat.org>
References: <200312120312.UAA10720@lariat.org>

On Thu, Dec 11, 2003 at 08:12:49PM -0700, Brett Glass wrote:
> Is there a way to control the range of ports to which FreeBSD's
> natd maps outgoing connections? I'm attempting to deal with a
> situation in which natd is (sometimes) changing outgoing UDP
> packets' source port numbers to ones which are commonly used
> by worms. Sometimes, a firewall at the destination blocks the
> packet; at other times, the response is blocked on the way
> back.
>
> If it is possible to tell natd to avoid using ports that are
> firewalled, it ought to be possible to avoid this problem. But
> I can find no way to do this. Does one exist?

I suppose there is brute force. Use an application like PortSentry
to bind the ports that you don't want to be used by natd.

Cheers,
-- 
Jacques Vidrine NTT/Verio SME FreeBSD UNIX Heimdal
nectar@celabo.org jvidrine@verio.net nectar@freebsd.org nectar@kth.se
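
The brute-force approach suggested in the reply above, as an added example that is not part of the original message: a small Python holder that binds UDP sockets on the ports to be kept out of circulation and reports the ones it could not take. The names `parse_ports` and `hold_udp_ports` and the port-list syntax are hypothetical, and it is an assumption that natd is configured so that it skips ports already bound on the host.

```python
import errno
import signal
import socket
import sys


def parse_ports(spec):
    """Expand a list such as '4000,5000-5003' into sorted unique port numbers."""
    ports = set()
    for part in spec.split(","):
        part = part.strip()
        if not part:
            continue
        lo, _, hi = part.partition("-")
        lo = int(lo)
        hi = int(hi) if hi else lo
        if not (0 < lo <= hi <= 65535):
            raise ValueError(f"bad port range: {part!r}")
        ports.update(range(lo, hi + 1))
    return sorted(ports)


def hold_udp_ports(ports, addr="0.0.0.0"):
    """Bind one UDP socket per port and keep it open.

    Returns (held, failed): held maps port -> open socket, failed maps
    port -> errno name (EADDRINUSE if something else owns the port,
    EACCES for ports below 1024 when not running as root).
    No SO_REUSEADDR/SO_REUSEPORT is set, so the bind is exclusive.
    The sockets are never read; arriving datagrams are simply dropped
    once the receive buffer fills.
    """
    held, failed = {}, {}
    for port in ports:
        s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
        try:
            s.bind((addr, port))
        except OSError as e:
            s.close()
            failed[port] = errno.errorcode.get(e.errno, str(e.errno))
        else:
            held[port] = s
    return held, failed


if __name__ == "__main__":
    # The port list is supplied by the operator, e.g. "4000,5000-5003"
    # (constructed sample values, not taken from the thread).
    held, failed = hold_udp_ports(parse_ports(sys.argv[1]))
    print(f"holding {len(held)} UDP ports; could not bind: {failed}")
    signal.pause()  # keep the sockets open until the process is killed
```

Ports reported under `failed` with EADDRINUSE are already owned by another process or mapping, so the holder should be started before natd begins handing out ports.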