
Hi again,
You can't do that with NATted UDP, either. Quite many firewalls want to match all of the (srcIP, srcPort, dstIP, dstPort) to match.
Well, instead of claiming I'm an expert (!), I will hereby copy an e-mail that was posted a few months ago on the p2p-hackers mailing list by one of the Limewire developers. It talks about the proportion of NAT devices which are compatible with the aforementioned hack ;)

Regards

Antoine.

From: p2p-hackers-bounces@zgp.org [mailto:p2p-hackers-bounces@zgp.org] On Behalf Of Greg Bildson
Sent: Wednesday, December 01, 2004 10:51 AM
To: Peer-to-peer development.
Subject: RE: [p2p-hackers] Why UDP and not TCP?

David,

Our operating environment has not yet stabilized - early beta testers didn't get the proper port stability tests and our entire user base has not been upgraded. However, early indications are that 50 to 60 percent of firewalled users will benefit. Again though, the harshest firewalled users probably have not had a good experience with P2P software so we are working with a self-selected crew. This method does work with the Windows XP firewall so we expect it to be widely successful as XP becomes further adopted.

One improvement that we can make to our existing scheme is to handle firewalls/NATs that use a sequential port assignment algorithm for each attempt. Rather than just trying a fixed port, we could try to negotiate a connection with that port +1, +2 and +3. I'm not sure what percentage of users would really benefit from this though.

As has been mentioned here recently, we certainly have noticed that incoming TCP connections are often possible after the same type of UDP pinging. We have no numbers on that though.

Thanks
-greg
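A toy simulation of the two behaviours discussed in this thread, added here as an illustration (it is not LimeWire's code and not part of the forwarded e-mail): a NAT that filters inbound packets on the full (srcIP, srcPort, dstIP, dstPort) tuple and assigns external ports sequentially, and the "+1, +2, +3" candidate list. All class and function names, addresses and port numbers are constructed, and no network traffic is sent.

```python
# Toy model (constructed for illustration): a NAT that hands out sequential
# external ports per outbound flow and filters inbound packets on the full
# (srcIP, srcPort, dstIP, dstPort) tuple. Names here are hypothetical.

class SequentialNat:
    def __init__(self, public_ip, first_port):
        self.public_ip = public_ip
        self.next_port = first_port
        self.flows = {}  # (int_ip, int_port, dst_ip, dst_port) -> external port

    def outbound(self, int_ip, int_port, dst_ip, dst_port):
        """Record an outbound UDP flow and return the external port it maps to."""
        key = (int_ip, int_port, dst_ip, dst_port)
        if key not in self.flows:
            self.flows[key] = self.next_port
            self.next_port += 1
        return self.flows[key]

    def inbound(self, src_ip, src_port, ext_port):
        """Return the internal (ip, port) if an existing flow matches, else None."""
        for (int_ip, int_port, dst_ip, dst_port), port in self.flows.items():
            if (dst_ip, dst_port, port) == (src_ip, src_port, ext_port):
                return (int_ip, int_port)
        return None


def candidate_ports(observed, span=3):
    """Observed port plus the next `span` ports, as in the +1, +2, +3 idea."""
    return [p for p in range(observed, observed + span + 1) if p <= 65535]


def first_reachable(nat, src_ip, src_port, candidates):
    """First candidate port on which the NAT admits a packet from src, or None."""
    for port in candidates:
        if nat.inbound(src_ip, src_port, port) is not None:
            return port
    return None


def simulate(other_flows):
    """Peer A (behind the NAT) contacts rendezvous S, opens `other_flows`
    unrelated flows, then sends to peer B. Returns (fixed, predicted) results."""
    a, s, b = ("192.0.2.10", 5000), ("198.51.100.1", 3478), ("203.0.113.7", 6346)
    nat = SequentialNat("198.51.100.99", 40000)
    observed = nat.outbound(*a, *s)              # port S reports to B
    for i in range(other_flows):                 # unrelated traffic shifts the counter
        nat.outbound(a[0], 6000 + i, "203.0.113.50", 53)
    nat.outbound(*a, *b)                         # A's packet towards B
    fixed = first_reachable(nat, *b, [observed])
    predicted = first_reachable(nat, *b, candidate_ports(observed))
    return fixed, predicted
```

In this model the fixed-port attempt never succeeds, and the candidate window stops helping once more than two unrelated flows are opened between the rendezvous exchange and the packet to B.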