Besides, this thread is dead so there is nothing to side-track.
So you should have no need to post here any more thanks.
So as I was saying the ports for this game does not have to be random some people have NAT types that do not do Port Preservation this causes UDP Traversal problems such that they rely on the other end (another player directly which this game does regardless or tries) to have a port mapping to a random port this all makes things not work very well given that we need compatibility when the whole point of UDP Traversal is to not need UPnP which why have it on and cause a risk
http://www.kb.cert.org/vuls/id/361684
or port mapping but then we do need port mapping so that people on given NATs that don't do Port Preservation have a fixed port and solves this as safely as possible.
So I'm saying you don't need port mapping for UDP Traversal to work where both ends have Port Preservation and random ports yes not going to lie about that but then I don't have to because of the problem above where one end if not more does not do Port Preservation.
Now its unlikely a person will have a app on a range of UDP ports as the source and service port and yes it is both because it UDP that makes UDP Traversal possible here is how random ports works.
https://forums.ashesofthesingularity.com/473245/page/1/#3602700
here are destination ports and you will see where the source and service port is done
Outgoing
49194
incoming
58744
58745
63897
So what are the source and service ports used when I make a outgoing connection to the other player at 49194? your looking at them 58744,58745, 63897 and that means 49194 is the other persons source and service and its them ports the game sets up that are sent to the server and sent to us.
So firewall state of outgoing for UDP
IP1 1.1.1.1 source port 58744 > IP2 2.2.2.2 = remote port 49194 = Punch!
blocked by firewall at IP2 2.2.2.2
IP2 2.2.2.2 source port 49194 > IP1 1.1.1.1 = remote port 58744
if you allow all UDP ports out then IP1 1.1.1.1 allows this connection under the firewall state of outgoing to allow IN because of the above
but let say I don't want to allow all UDP port on a firewall that's not my PC firewall and I allow all incoming UDP ports
So firewall block outgoing for UDP random port
IP1 1.1.1.1 source port 58744 > IP2 2.2.2.2 = remote port 49194 = no punch
IP2 2.2.2.2 source port 49194 > IP1 1.1.1.1 = remote port 58744
allowed under the firewall state of incoming all UDP ports
IP1 1.1.1.1 source port 58744 > IP2 2.2.2.2 = remote port 49194 = connect back
allowed under the firewall state of incoming above
but like I said its random meaning you can't port forward a given port or given range which if it was say 20000-20100 but lets make it interesting and the other player has a random port lets say 49194 again for show and I don't allow outgoing to that port but allow incoming for 20000-20100
So firewall block outgoing for UDP random port
IP1 1.1.1.1 source port 20000 > IP2 2.2.2.2 = remote port 49194 = no punch
IP2 2.2.2.2 source port 49194 > IP1 1.1.1.1 = remote port 20000
allowed under the firewall state of incoming 20000-20100 UDP ports
IP1 1.1.1.1 source port 20000 > IP2 2.2.2.2 = remote port 49194 = connect back
allowed under the firewall state of incoming above
that simple and I could show one where one or more players has a non Port Preservation connection type where the source and service port is changed on outgoing that the server can not detect but we leave it at that where a given range of source and service ports the game uses will mean that player can port forward them ports to get the game to work.
Like I said Valve is on the low end of listening to me or others vs the game dev using Valve implementation to request changes that the game dev can add in the game for better network compatibility .