Nope, I mean in theory if your masq box was REALLY busy it might be an issue (i.e. ip masq'ed ports + ports from system in use > 4096) but I can't see too many people running into it (and if their system is that heavily loaded they will need to be tuning ipmasq like crazy).
Well, I guess it's better to use another port range for local connections on a firewall box because having them in the range of 60000 up to 65000 might interfere with those firewall rules that control the masq connections. Or are there any reasons for not using a range like 55000-60000 for local ports? It might just make defining filter rules easy, doesn't it?
No, they don't interfere.
Just curious :-)
- Martin
Kurt Seifried, seifried@securityportal.com Securityportal - your focal point for security on the 'net