Re: NAT - how external source port is selected

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




Le 18/08/2021 à 16:46, Florian Westphal a écrit :
Daniel <tech@xxxxxxxxxx> wrote:
how on a NAT firewall server using iptables or nftables, are the external
source ports choosen ? I would say range is 1024-65535 but if for instance I
use port 5060 for SIP this one can not be used as source port. Is there a
table of at time used ports ?
Are you talking about SNAT/MASQUERADE?
Yes
It will try to use whatever port is used.  If the source address
replacement results in a collision, it tries to pick a different source
port between 1024 and 65535.
OK
Also, SNOM phones are systematically using port 2048 as source port of the
WAN ip. Is there a mechanism to allow such behavior ?
What do you mean? The initiator is free to pick whatever source port they like.
Well, how he will know that the port is free ?

--
Daniel



[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux