ports

David Allen the.real.david.allen at gmail.com
Tue Jul 8 20:14:35 UTC 2008


On Tue, Jul 8, 2008 at 11:04 AM, Mel
<fbsd.questions at rachie.is-a-geek.net> wrote:
> On Tuesday 08 July 2008 19:07:02 Matthew Seaman wrote:
>
>> You can configure named to always send packets using a
>> fixed port number (which can be helpful for firewalling)
>
> Purely outof interest, which (useful) firewall/nat rules cannot be made with
> dest port 53, that can be made with source port 53. Not talking syntax,
> but "business logically".

Fewer rules for those with a predisposition to being anal?

IIRC, pf offers a policy-based approch which I believe could make use of
such distinctions, but I think the advantages of managing the
source/destination
ports for querries, transfers, etc. are found more in traffic accounting than in
writing rulesets.


More information about the freebsd-questions mailing list