I was pushed several years ago into implementing the
"universal heuristic proxy" in openfwtk - like something that
gets diverted socket (from packet filter or socks)
and starts proper application proxy
justifying which one to run using port number and protocol
pattern heuristics. I felt it is not a good idea - cannot
really figure out why, but i just felt that way, so i stick
with default port number binding as usual. Maybe i am wrong.
Seems that others bumped into same idea, no surprise as it
is pretty obvious. Must be almost the only way to handle p2p
properly if you need it for some reason.

firewall-wizards mailing list