Ralph Johns (UK) wrote:
As you say outgoing NAT does inform incoming return packets of their destination …
Yes, when a local network client requests https://gmail.com the router records the local client IP, makes the request over the internet & then sends the appropriate responses to that client (via port 443 in this case since it's SSL/TLS).
Ralph Johns (UK) wrote:
… but unless you are using a method to open the ports that requires any additional firewall the device may have it will work Out of the Box or port below 1024
I think that is the opposite of what I am saying.
Ports below 1024 do not get opened on a router if a local network client asks for it (e.g. running a webserver on your Mac doesn't let the internet access it for example). That is the point of UPnP, to let apps request inbound ports at the router to be directed to them on the local network. In effect UPnP should be like a dynamic form of your port forwarding rules (but it doesn't always work).
I suspect dan_gard doesn't have the ports that UseNext needs open pointing at his Mac (which explains why the PC works & the Mac doesn't).
Ralph Johns (UK) wrote:
If you go to sites like PortForward.com and a specific list of App for a particular router (A random Linksys one) there is no Browser or mail app listed in the list of applications and games. Popular FTP apps are also not listed.
I'm not sure how much that matters, the following in Terminal will list all the ports that OS X knows about…
cat /etc/services
(The list is massive)
The router isn't necessarily letting all traffic in just because a rule hasn't been added, NAT is used to isolate the local network from the public internet.
I think we have different ideas of what is public & what is private on a basic router. I don't want to derail this thread, so we should probably drop this?
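
Added example, not part of the original post: a toy Python model of the router behaviour discussed in this thread, showing that replies to recorded outbound requests reach the client, unsolicited inbound traffic is dropped, and a port-forward or UPnP-style mapping changes that. The class, the addresses (documentation ranges) and the strict remote-endpoint matching are assumptions; real routers differ in how they match return traffic.

```python
from dataclasses import dataclass, field

@dataclass
class NatRouter:
    """Hypothetical model of a home router's NAT state (illustration only)."""
    public_ip: str
    next_port: int = 40000
    # public_port -> (lan_ip, lan_port, remote_ip, remote_port) for outbound flows
    flows: dict = field(default_factory=dict)
    # public_port -> (lan_ip, lan_port) for port forwards / UPnP mappings
    forwards: dict = field(default_factory=dict)

    def outbound(self, lan_ip, lan_port, remote_ip, remote_port):
        """A LAN client connects out; the router records the flow."""
        public_port = self.next_port
        self.next_port += 1
        self.flows[public_port] = (lan_ip, lan_port, remote_ip, remote_port)
        return (self.public_ip, public_port)

    def add_mapping(self, public_port, lan_ip, lan_port):
        """A manual port-forward rule, or what a UPnP request asks the router to create."""
        self.forwards[public_port] = (lan_ip, lan_port)

    def inbound(self, remote_ip, remote_port, public_port):
        """Return the LAN (ip, port) that receives the packet, or None if it is dropped."""
        flow = self.flows.get(public_port)
        if flow and flow[2:] == (remote_ip, remote_port):
            return flow[:2]                      # reply to a recorded outbound flow
        return self.forwards.get(public_port)    # explicit mapping, otherwise dropped

def demo():
    router = NatRouter("203.0.113.5")            # constructed addresses throughout
    mac = "192.168.1.10"
    _, pub_port = router.outbound(mac, 51000, "198.51.100.7", 443)
    results = {
        # The HTTPS server answers the request the Mac made: delivered.
        "reply": router.inbound("198.51.100.7", 443, pub_port),
        # A different host aims at the same public port: no matching flow, dropped.
        "stranger": router.inbound("192.0.2.99", 1234, pub_port),
        # Someone on the internet tries the Mac's web server on port 80: dropped.
        "unsolicited_80": router.inbound("192.0.2.99", 40000, 80),
    }
    router.add_mapping(80, mac, 80)              # port forward / UPnP mapping added
    results["mapped_80"] = router.inbound("192.0.2.99", 40000, 80)
    return results

if __name__ == "__main__":
    for name, target in demo().items():
        print(f"{name:15} -> {target}")
```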