Adding PortAllocator option to support cases where sockets can't be bound.

webrtc/base/firewallsocketserver.cc

Index: webrtc/base/firewallsocketserver.cc
diff --git a/webrtc/base/firewallsocketserver.cc b/webrtc/base/firewallsocketserver.cc
index 30e5c3bfaa8c14a6cc4b9edaff4610763bd96d8a..4a2a4048f37684bc4c2e0cc7838e984cf0269ee9 100644
--- a/webrtc/base/firewallsocketserver.cc
+++ b/webrtc/base/firewallsocketserver.cc
@@ -24,6 +24,14 @@ class FirewallSocket : public AsyncSocketAdapter {
     : AsyncSocketAdapter(socket), server_(server), type_(type) {
   }
 
+  int Bind(const SocketAddress& addr) override {
+    if (!server_->IsBindableIp(addr.ipaddr())) {
+      SetError(EINVAL);
+      return SOCKET_ERROR;
+    }
+    return AsyncSocketAdapter::Bind(addr);
+  }
+
   int Connect(const SocketAddress& addr) override {
     if (type_ == SOCK_STREAM) {
       if (!server_->Check(FP_TCP, GetLocalAddress(), addr)) {
@@ -176,6 +184,16 @@ bool FirewallSocketServer::Check(FirewallProtocol p,
   return true;
 }
 
+void FirewallSocketServer::SetUnbindableIps(
+    const std::vector<rtc::IPAddress>& unbindable_ips) {
+  unbindable_ips_ = unbindable_ips;
+}
+
+bool FirewallSocketServer::IsBindableIp(const rtc::IPAddress& ip) {
+  return std::find(unbindable_ips_.begin(), unbindable_ips_.end(), ip) ==
+         unbindable_ips_.end();
+}
+
 Socket* FirewallSocketServer::CreateSocket(int type) {
   return CreateSocket(AF_INET, type);
 }