On Thu, Aug 27, 2009 at 5:54 PM, David Rees <[email protected]> wrote:
>
> OK - I guess what I'm asking is this:
>
> I've just checked my particular pfSense box and aside from the nearly
> 1000 ports it's listening to from 19000+ for my NAT reflection rules,
> is there anything else keeping us from using a wider port range to
> allow even more NAT reflection rules to be used?
>

There are some foot shooting possibilities if you aren't careful.

> I don't see many other ports in use on localhost except for ssh, dns,
> pptp and a handful of ports ranging from 8021+ (which I believe are
> used for the FTP helper).  I think that it may be helpful to be able
> to override the default starting port range and number as well as the
> maximum number of ports to use for NAT reflection.

Having them configurable in System->Advanced is probably good.


> I assume that working from a recent 1.2.3 snapshot is OK?  Do you think
> it will apply to the 2.0 branch as well?  I have no idea how much the
> code there has changed...
>

This wouldn't be accepted into RELENG_1_2 (1.2.x), that's strictly bug
fixes only and this isn't a bug - though not ideal, it works as
designed. The patch (preferably merge request in git) would have to be
to 2.0. 2.0 is considerably different in many ways, but this
particular part of the code base probably isn't much different.
