Daniel <tech@xxxxxxxxxx> wrote: > how on a NAT firewall server using iptables or nftables, are the external > source ports choosen ? I would say range is 1024-65535 but if for instance I > use port 5060 for SIP this one can not be used as source port. Is there a > table of at time used ports ? Are you talking about SNAT/MASQUERADE? It will try to use whatever port is used. If the source address replacement results in a collision, it tries to pick a different source port between 1024 and 65535. > Also, SNOM phones are systematically using port 2048 as source port of the > WAN ip. Is there a mechanism to allow such behavior ? What do you mean? The initiator is free to pick whatever source port they like.
