Date: Thu, 12 Jun 2008 16:26:39 -0500 (CDT)
From: "Jeremy C. Reed" <reed@reedmedia.net>
To: freebsd-pf@freebsd.org
Subject: random nat source ports not always random
Message-ID: <Pine.NEB.4.64.0806121601100.9368@tx.reedmedia.net>
I have

  nat on iwi0 from 192.168.19.4 port 2222 to any port 3333 -> 192.168.19.4 \
      port 5000:55000 random

1) I noticed by using a port 5000:55000 range that my random numbers were
in a larger pool. I don't know if that is true or not, but it appeared that
way from a few tests (and not looking at source). Do you know what the
default port range is for "random"?

2) Also I did this without "random" and it appeared to be random at first,
but then started using the same port numbers. I then added "random". From
looking at the PF FAQ, it seems to say it "might be ... replaced with
randomly chosen, unused port", but the man page doesn't. Do you know if it
defaults to "random"?

3) When using "random", it is mostly random, but when I do multiple
requests to the same destination (within a short period of time), it uses
the same new source port. I can easily repeat this and see it with both
tcpdump and pfctl -s state, which shows MULTIPLE:MULTIPLE (instead of
MULTIPLE:SINGLE). I am trying to find a setting that will disable that, so
it will use a new random port each time. It is acting like the
"sticky-address" option is used. pfctl -s timeouts shows that src.track is
0s (default). Any suggestions on ignoring that state so each connection
with identical original source/destination IP/port will be randomized?

(By the way, this is not on FreeBSD. But I think this list should be a good
help anyway. I am using PF 3.7 on NetBSD.)

Thanks
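The observation in point 3 (the same translated source port showing up for repeated connections to one destination) was made by eye from tcpdump. The script below is an added example, not part of the original message or of pf: it reads outbound SYN lines in tcpdump's `-n` format from the outside interface and reports, per destination, how many connections were opened versus how many distinct translated source ports were used, so a "random" rule that is actually reusing ports is flagged as REUSED. The tcpdump line layout (`TIME IP SRC.PORT > DST.PORT: Flags [S] ...`, or the older `S seq:seq(0)` form), the interface name, and the sample packets are assumptions constructed for the example; nothing here states what pf's default port range or default randomization is.

```shell
#!/bin/sh
# Added example (not from the original message or from pf itself).
# Capture only outbound SYNs on the NAT side, e.g.:
#   tcpdump -n -i iwi0 'tcp[tcpflags] & (tcp-syn|tcp-ack) == tcp-syn' > syns.txt
# then: nat_port_reuse syns.txt
#
# Assumed line format (tcpdump -n): TIME IP SRC.PORT > DST.PORT: Flags [S] ...
# or the older form                 TIME IP SRC.PORT > DST.PORT: S seq:seq(0) ...
# Every SYN is treated as one new connection.

# nat_port_reuse FILE
# Prints one line per destination: "DST.PORT connections distinct_ports REUSED|OK"
# REUSED means pf handed out fewer distinct translated source ports than
# there were connections to that destination, i.e. a port was repeated.
nat_port_reuse() {
    awk '
    /Flags \[S\]/ || / S [0-9]/ {
        src = $3                      # e.g. 192.168.19.4.45102 (translated src)
        dst = $5; sub(/:$/, "", dst)  # e.g. 10.0.0.1.3333
        n = split(src, a, "."); sport = a[n]
        conns[dst]++
        key = dst SUBSEP sport
        if (!(key in seen)) { seen[key] = 1; distinct[dst]++ }
    }
    END {
        for (d in conns)
            printf "%s %d %d %s\n", d, conns[d], distinct[d],
                (distinct[d] < conns[d]) ? "REUSED" : "OK"
    }' "$1"
}

# Constructed sample capture (not real traffic): three connections to
# 10.0.0.1 all leave with translated port 45102, two to 10.0.0.2 get
# different ports.
SAMPLE=$(mktemp)
trap 'rm -f "$SAMPLE"' EXIT
cat > "$SAMPLE" <<'EOF'
16:01:02.000001 IP 192.168.19.4.45102 > 10.0.0.1.3333: Flags [S], seq 1, win 65535, length 0
16:01:02.500001 IP 192.168.19.4.45102 > 10.0.0.1.3333: Flags [S], seq 2, win 65535, length 0
16:01:03.000001 IP 192.168.19.4.45102 > 10.0.0.1.3333: Flags [S], seq 3, win 65535, length 0
16:01:04.000001 IP 192.168.19.4.17321 > 10.0.0.2.3333: Flags [S], seq 4, win 65535, length 0
16:01:05.000001 IP 192.168.19.4.50944 > 10.0.0.2.3333: Flags [S], seq 5, win 65535, length 0
EOF

nat_port_reuse "$SAMPLE"
```

Run it against a real capture taken on the outside interface while repeating the connection a few times; a REUSED line for the destination in question is the same symptom the post describes, and `pfctl -s state` can then be used to match each translated port back to the original source port and to see whether the state is shown as MULTIPLE:MULTIPLE.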