Is there a way to get pf to never use specific ports? For example, a client on my LAN might send a request for a certain webpage which gets sent to the gateway from a certain port, we'll say 43101. The request hits the gateway and then gets changed to another source port like 12754. The problem is that 12754 will trigger a false positive in snort that someone is scanning for a ddos mstream client handler.
Bad admin.
How (if possible) can you create a list of ports that will never be used by pf?
PF doesn't look at anything other than the nat rule and existing states when choosing a port. You could change the nat rule to use a range that doesn't have any undesired ports in it, but that's all I can think of at the moment.
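As an added illustration of the range approach above (example config, not posted by anyone in the thread): a pf.conf NAT rule whose translated source ports are confined to a range that cannot contain 12754. The interface name, LAN subnet and the 20000:30000 range are placeholder assumptions; choose a range that avoids every port your Snort ruleset flags.

```pf
# Added example, not from the thread. Placeholder interface and subnet:
ext_if = "em0"
lan_net = "192.168.1.0/24"

# Default NAT rule: pf picks a source port from the implicit 1024:65535
# range, so 12754 is a possible choice.
# nat on $ext_if from $lan_net to any -> ($ext_if)

# Restrict source-port selection to 20000-30000 (assumed range that
# excludes 12754); pf will only allocate translated ports inside it.
nat on $ext_if from $lan_net to any -> ($ext_if) port 20000:30000

# Equivalent rule on pf versions that use the match/nat-to syntax
# (OpenBSD 4.7 and later):
# match out on $ext_if from $lan_net to any nat-to ($ext_if) port 20000:30000

# Alternative: keep the client's original source port (43101 stays 43101)
# instead of rewriting it at all.
# nat on $ext_if from $lan_net to any -> ($ext_if) static-port
```

Check the syntax before loading it with `pfctl -nf /etc/pf.conf`, and watch `pfctl -ss` to confirm new translated states only use ports inside the chosen range.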
