Cole Dishington <Cole.Dishington@xxxxxxxxxxxxxxxxxxx> wrote: > On Thu, 2021-09-16 at 13:26 +0200, Florian Westphal wrote: > > >range_info.max_proto.all) { > > min = 1; > > max = 65535; > > range_size = 65535; > > } else { > > min = ntohs(nat->range_info.min_proto.all); > > max = ntohs(nat->range_info.max_proto.all); > > range_size = max - min + 1; > > } > > The original code defined the range as [ntohs(exp->saved_proto.tcp.port), 65535]. The above would > cause a change in behaviour, should we try to avoid it? Oh indeed, oversight on my part. Good question, current loop is not good either as it might take too long to complete. Maybe best to limit/cap the range to 128, e.g. try to use port as-is, then pick a random value between 1024 and 65535 - 128, make 128 tries and if all is taken, error out. I will leave it up to you on how you'd like to handle this. One way would be to make a small preparation patch and then built the range patch on top of it.