If you restate your question, I might be able to answer it. I'm not sure what you mean by
users redirecting port 80.
Here is some level-setting, in case it helps.
----
- The TCP and UDP protocols reserve two 16-bit values called port numbers. Each data packet has a source port number and a destination port number.When we think of common services and their assigned port numbers, it is the destination port number we consider, even though there is a second, source port number used in UDP and TCP communication. That is because the source port number is often a high numbered, random port from a pool.
- You can find many standard and default destination port numbers for UDP and TCP services in /etc/services.
Routers that forward traffic via Network Address Translation (NAT) can do "port forwarding". While translating the IP address they can also translate the destination port number. For example, you might forward traffic destined for port 80 on your NAT router to a webserver that is
listening on port 8080.
Firewall rules that focus on port numbers for rules and policies can be fooled by knowledgeable users, who use common destination port numbers for other types of TCP or UDP traffic. Examples might be to use destination port 53 (DNS) or destination port 443 (HTTPS) for other type of traffic.
Users can operate their own NAT routers and have multiple devices share a single IP address. This could be a turnkey device, a workstation, or a smartphone or tablet.
Even a workstation with Windows can do this. You mentioned Internet Connection Sharing. All that is is Microsoft supplied NAT routing software for a Windows workstation with two or more network interfaces.