As discussed on our recent call, this implements basing which ports we
consider "ephemeral" on probing the host's settings, rather than just
assuming the RFC 6335 recommended values, which are not what Linux uses
by default.  I think this is more correct, but additionally using the
Linux values means we consider more ports ephemeral, reducing kernel
memory consumption for -t all -u all.

Changes in v2:
 * Add missing close() for the sysctl file

David Gibson (3):
  conf, fwd: Make ephemeral port logic more flexible
  conf, fwd: Don't attempt to forward port 0
  fwd, conf: Probe host's ephemeral ports

 conf.c | 19 +++++++++++----
 fwd.c  | 74 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 fwd.h  |  3 +++
 util.h |  3 ---
 4 files changed, 92 insertions(+), 7 deletions(-)

-- 
2.46.0
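
The approach the cover letter describes, sketched as an added example (this is not code from the patch series): read the host's ephemeral port range, validate it, close the file on every path, and fall back to the RFC 6335 range if probing fails. The sysctl path, the function names and the struct are assumptions made for illustration; the cover letter only says "the sysctl file".

```c
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

/* Assumed probe target: the standard Linux sysctl for the local port range */
#define PORT_RANGE_SYSCTL "/proc/sys/net/ipv4/ip_local_port_range"
#define RFC6335_MIN 49152u	/* RFC 6335 dynamic/private range, used as fallback */
#define RFC6335_MAX 65535u
struct port_range { unsigned min, max; };

/* Parse "<min> <max>"; -1 if malformed or not a valid, ordered port range */
int parse_port_range(const char *text, struct port_range *r)
{
	unsigned long lo, hi;
	char extra;
	if (sscanf(text, "%lu %lu %c", &lo, &hi, &extra) != 2)
		return -1;	/* too few fields, or trailing junk */
	if (lo < 1 || hi > 65535 || lo > hi)
		return -1;
	*r = (struct port_range){ (unsigned)lo, (unsigned)hi };
	return 0;
}

/* Returns 1 if the range was read from path, 0 if the RFC 6335 fallback is used */
int probe_ephemeral(const char *path, struct port_range *r)
{
	char buf[64];
	ssize_t n = -1;
	int fd = open(path, O_RDONLY);
	if (fd >= 0) {
		n = read(fd, buf, sizeof(buf) - 1);
		close(fd);	/* release the descriptor on every path */
	}
	if (n > 0) {
		buf[n] = '\0';
		if (parse_port_range(buf, r) == 0)
			return 1;
	}
	*r = (struct port_range){ RFC6335_MIN, RFC6335_MAX };
	return 0;
}

int main(void)
{
	struct port_range r;
	int probed = probe_ephemeral(PORT_RANGE_SYSCTL, &r);
	printf("%u-%u (%s)\n", r.min, r.max, probed ? "host" : "RFC 6335 fallback");
	return 0;
}
```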