Controlling ports used by natd
Jacques A. Vidrine
nectar at FreeBSD.org
Fri Dec 12 05:26:31 PST 2003

On Thu, Dec 11, 2003 at 08:12:49PM -0700, Brett Glass wrote:
> Is there a way to control the range of ports to which FreeBSD's
> natd maps outgoing connections? I'm attempting to deal with a
> situation in which natd is (sometimes) changing outgoing UDP
> packets' source port numbers to ones which are commonly used
> by worms. Sometimes, a firewall at the destination blocks the
> packet; at other times, the response is blocked on the way
> back.
>
> If it is possible to tell natd to avoid using ports that are
> firewalled, it ought to be possible to avoid this problem. But
> I can find no way to do this. Does one exist?

I suppose there is brute force. Use an application like PortSentry to
bind the ports that you don't want to be used by natd.

Cheers,
--
Jacques Vidrine NTT/Verio SME FreeBSD UNIX Heimdal
nectar at celabo.org jvidrine at verio.net nectar at freebsd.org nectar at kth.se
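
The port-binding approach suggested in the reply, as an added example that is not part of the original message and is not PortSentry: a small Python holder that binds UDP sockets on the ports to keep out of use. The port list is a constructed sample, and the approach assumes natd is run with `-use_sockets` so that it tries to allocate a socket for an alias port and moves on when the bind fails; that assumption should be checked against the natd version in use.

```python
import errno
import socket
import sys
import time


def parse_ports(spec):
    """Expand a spec like "1434,4000-4002" into a sorted list of port numbers."""
    ports = set()
    for part in spec.split(","):
        lo, _, hi = part.strip().partition("-")
        lo, hi = int(lo), int(hi or lo)
        if not (0 < lo <= hi <= 65535):
            raise ValueError("bad port range: %r" % part)
        ports.update(range(lo, hi + 1))
    return sorted(ports)


def reserve_udp(ports, addr="0.0.0.0"):
    """Bind one UDP socket per port.

    Returns (held, failed): held maps port -> open socket,
    failed maps port -> errno name (e.g. EADDRINUSE, EACCES).
    """
    held, failed = {}, {}
    for port in ports:
        s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
        try:
            # No SO_REUSEADDR/SO_REUSEPORT: the bind has to be exclusive,
            # otherwise another process could still take the port.
            s.bind((addr, port))
            held[port] = s
        except OSError as e:
            s.close()
            failed[port] = errno.errorcode.get(e.errno, str(e.errno))
    return held, failed


if __name__ == "__main__":
    # Constructed sample list; pass the ports your upstream firewalls drop.
    spec = sys.argv[1] if len(sys.argv) > 1 else "41434,44440-44442"
    held, failed = reserve_udp(parse_ports(spec))
    print("holding:", sorted(held))
    print("could not bind:", failed)
    # With an explicit port list, keep the sockets open until killed.
    while len(sys.argv) > 1:
        time.sleep(3600)
```

Ports below 1024 need root to bind, and any port reported under "could not bind" is already held by another process on the NAT host.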