I originally asked this on misc@ with no response so I will try here.
Is there a way to get pf to never use specific ports? For example a
client on my LAN might send a request for a certain webpage which gets
sent to the gateway from a certain port, we'll say 43101. The request
hits the gateway and then gets changed to another source port like
12754. The problem is that 12754 will trigger a false positive in snort
that someone is scanning for a ddos mstream client handler. How (if
possible) can you create a list of ports that will never be used by pf?
--Bryan
