On Monday 2008-08-11 10:15, Pavol Rusnak wrote:
> Hello!
>
> Recently there was an issue identified on DNS module about the need to
> randomize the port selection. I'd like to know if this is already taken care
> in NAT modules in iptables? Could you please let me know if port selection is
> already randomized in these modules?

If the client randomizes its source port, the NAT will obviously do the same.
Then there is --random for SNAT/MASQUERADE and others.
And now there has just been a patch merged to take some secure port number
it seems. (http://marc.info/?l=netfilter-devel&m=121912048304189&w=2)