mechanism
> When using SNAT of Netfilter as an NAPT, how will Netfilter assign the
> public UDP port for a UDP request from the private network to Internet?
With both TCP and UDP, netfilter will use the source port contained in the
original packet if it can (i.e. if that source port is not being used for
something else by the netfilter machine). If this is not possible, then
another port is chosen at random using the standard socket-binding
used for any network connection.
> Could someone detail it to me when the UDP request is
> NEW/ESTABLISHED/RELATED/REPLIED/UNREPLIED?
This makes no difference.
Thanks.
But what I observed is (SNAT using UDP ports 20000-30000):

private addr        netfilter port       Internet addr
10.0.0.8:2000  --->     20000      ----> 193.0.0.8:3000
10.0.0.8:2001  --->     20000      ----> 193.0.0.8:3001
10.0.0.8:2002  --->     20000      ----> 193.0.0.8:3002

That means DIFFERENT UDP requests from the private network for DIFFERENT Internet destinations result in the same Netfilter port, no matter whether the Internet destination sends a reply or not;

private addr        netfilter port       Internet addr
10.0.0.8:2000  --->     20000      ----> 193.0.0.8:3000
10.0.0.8:2001  --->     20001      ----> 193.0.0.8:3000
10.0.0.8:2002  --->     20002      ----> 193.0.0.8:3000

DIFFERENT UDP requests from the private network for the SAME Internet destination result in DIFFERENT Netfilter ports, why?
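Both tables in the message above are consistent with a NAT that only requires each translated tuple (protocol, NAT address, NAT port, destination address, destination port) to be unique among tracked connections. The following is a simplified model of that rule, added here as an example; it is not netfilter's code and not part of the original thread. The NAT address, the class and function names, and the ascending search through the range are assumptions.

```python
# Simplified model of SNAT port selection over a fixed range (added example).
# Assumption: a candidate port is accepted when the translated tuple
# (proto, NAT ip, NAT port, dst ip, dst port) is not already tracked, and
# candidates are tried in ascending order from the start of the range.

NAT_IP = "192.0.2.1"               # constructed public address of the NAT box
PORT_RANGE = range(20000, 30001)   # the 20000-30000 range from the post


class SnatTable:
    def __init__(self, nat_ip=NAT_IP, ports=PORT_RANGE):
        self.nat_ip = nat_ip
        self.ports = ports
        self.by_flow = {}    # original flow -> NAT port already assigned
        self.in_use = set()  # translated tuples currently tracked

    def translate(self, src, dst, proto="udp"):
        """Return the NAT source port used for the flow src -> dst."""
        flow = (proto, src, dst)
        if flow in self.by_flow:         # existing entry: mapping is stable
            return self.by_flow[flow]
        for port in self.ports:
            candidate = (proto, self.nat_ip, port, dst)
            if candidate not in self.in_use:
                # Replies from dst to nat_ip:port now identify one flow only.
                self.in_use.add(candidate)
                self.by_flow[flow] = port
                return port
        raise RuntimeError("port range exhausted for destination %r" % (dst,))


def run(flows):
    """Translate a list of (src, dst) flows through a fresh table."""
    table = SnatTable()
    return [table.translate(src, dst) for src, dst in flows]


# Flows constructed from the two tables in the post.
DIFFERENT_DESTS = [(("10.0.0.8", 2000 + i), ("193.0.0.8", 3000 + i))
                   for i in range(3)]
SAME_DEST = [(("10.0.0.8", 2000 + i), ("193.0.0.8", 3000)) for i in range(3)]

if __name__ == "__main__":
    print("different destinations:", run(DIFFERENT_DESTS))
    print("same destination:      ", run(SAME_DEST))
```

In this model port 20000 can be shared across destinations because a reply is matched on the remote address and port as well as the NAT port; only flows to the same destination would collide and so need distinct ports.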