Re: replacing port in outgoing packets to any host

2007-02-25 Thread Lowell Gilbert
ck <[EMAIL PROTECTED]> writes:

> Hello, participants!
>
> In constant effort to prevent trojans to send spam following question
> came to my mind.
>
> Is there any way to replace port number for all outgoing packets?
>
> Long version:
>
> I want to block outgoing port 25 completely for network behind NAT
> router and allow port 8025 for example. But it means that router will
> have to replace outgoing port 8025 with port 25. After intensive
> googling it looks like my idea is... well... not popular. So, I just
> wonder if this is possible at all? Something like this:

If it *were* popular, the spammers' viruses would be taught to use
it.  None of these kinds of "solutions" are scalable.

> rdr any to any port 8025 -> any port 25
>
> PS Yes, I know that I can redirect port to open-relay on known static IP.

You can do something like that, but once you're going to that much
effort, it's a lot easier (*and* more effective) to just force
everyone to use an internal smarthost.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


replacing port in outgoing packets to any host

2007-02-22 Thread ck

Hello, participants!

In constant effort to prevent trojans to send spam following question 
came to my mind.


Is there any way to replace port number for all outgoing packets?

Long version:

I want to block outgoing port 25 completely for network behind NAT 
router and allow port 8025 for example. But it means that router will 
have to replace outgoing port 8025 with port 25. After intensive 
googling it looks like my idea is... well... not popular. So, I just 
wonder if this is possible at all? Something like this:


rdr any to any port 8025 -> any port 25

PS Yes, I know that I can redirect port to open-relay on known static IP.

Thanks!
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"