On 18/08/2021 at 16:46, Florian Westphal wrote:
> Daniel <tech@xxxxxxxxxx> wrote:
>> How, on a NAT firewall server using iptables or nftables, are the external
>> source ports chosen? I would say range is 1024-65535 but if for instance I
>> use port 5060 for SIP this one cannot be used as source port. Is there a
>> table of at time used ports?
> Are you talking about SNAT/MASQUERADE?

Yes

> It will try to use whatever port is used. If the source address
> replacement results in a collision, it tries to pick a different source
> port between 1024 and 65535.

OK

>> Also, SNOM phones are systematically using port 2048 as source port of the
>> WAN IP. Is there a mechanism to allow such behavior?
> What do you mean? The initiator is free to pick whatever source port they like.

Well, how will he know that the port is free?

--
Daniel