How would you implement this in userspace without having to change every program (that uses ephemeral ports) on the system? Remember to include closed source and statically linked programs in your solution.
The other thing that should be made easier is using a port for more than one thing at a time.
A connection is defined by 4 items: source IP, source port, destination IP, destination port.
A listening service is defined by the destination IP and destination port.
Thus you could have a connection from port 1234 on your local IP to some destination while still having a server listening for new connections on port 1234. The kernel can tell when a packet arrives if it is for an existing connection or not.
The only place this can't be done is for connectionless protocols like UDP, but is it really the best thing to block the port from being used by anything else? Or would it be good enough to let an app (or a wrapper for the app, possibly including firewall-like logic in the kernel like IPTables uses) define a connection and deliver return traffic on that connection to one app, while delivering other traffic hitting that port to other app(s)?
Even on TCP the inability to re-use ports can be a problem. With the default TCP timeouts you cannot do more than ~16,000 connections/sec before you start running out of ports. If ports could be re-used with different remote points this limit would be ~16,000 connections/sec with a single remote IP/port combination.
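The 4-tuple point above (a listener on port 1234 coexisting with an outbound connection sourced from local port 1234, the kernel demultiplexing by full connection identity) can be shown with a small, self-contained script. This is an added example, not code from the comment author; it assumes Linux or BSD/macOS SO_REUSEPORT semantics (both sockets set the option, same user), uses loopback, and lets the kernel pick a free port in place of the comment's "1234" so it runs without a fixed-port collision.

```python
import socket

HOST = "127.0.0.1"  # loopback only; constructed demo, no external traffic


def _tcp_socket(share_port: bool) -> socket.socket:
    """Create an IPv4 TCP socket; share_port lets a second socket bind the same local port."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(5)  # never hang the demo if something goes wrong
    if share_port:
        s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        # SO_REUSEPORT is what lets the kernel accept a second bind to a port that
        # already has a listener (Linux >= 3.9 requires both sockets to set it, same uid).
        s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEPORT, 1)
    return s


def demonstrate_port_sharing() -> dict:
    """Run the scenario from the comment and return what each side observed.

    - 'server' listens on HOST:shared_port (the comment's "service on port 1234").
    - 'outbound' is a *client* socket bound to that same shared_port, connecting elsewhere.
    - 'inbound' is an ordinary client (ephemeral source port) connecting to the listener.
    Both connections coexist because their 4-tuples differ; the kernel routes each
    segment to the established socket first and only falls back to the listener.
    """
    opened = []
    try:
        server = _tcp_socket(share_port=True)
        opened.append(server)
        server.bind((HOST, 0))           # port 0: kernel picks a free port, our "1234"
        server.listen(1)
        shared_port = server.getsockname()[1]

        remote = _tcp_socket(share_port=False)   # some other destination on the box
        opened.append(remote)
        remote.bind((HOST, 0))
        remote.listen(1)
        remote_port = remote.getsockname()[1]

        # Outgoing connection whose *source* port is the port the server listens on.
        outbound = _tcp_socket(share_port=True)
        opened.append(outbound)
        outbound.bind((HOST, shared_port))
        outbound.connect((HOST, remote_port))
        accepted_remote, outbound_peer = remote.accept()
        opened.append(accepted_remote)
        accepted_remote.settimeout(5)

        # Meanwhile a normal client still reaches the listener on the shared port.
        inbound = _tcp_socket(share_port=False)
        opened.append(inbound)
        inbound.connect((HOST, shared_port))
        accepted_server, inbound_peer = server.accept()
        opened.append(accepted_server)
        accepted_server.settimeout(5)

        # Prove the kernel demultiplexes by full 4-tuple, not by local port alone:
        # each message lands on the socket that owns that exact connection.
        outbound.sendall(b"hello via shared port")
        inbound.sendall(b"hello to listener")
        return {
            "listen_port": shared_port,
            "outbound_source_port": outbound_peer[1],   # seen by 'remote' as the peer port
            "inbound_source_port": inbound_peer[1],     # an ephemeral port, != listen_port
            "remote_received": accepted_remote.recv(1024),
            "server_received": accepted_server.recv(1024),
        }
    finally:
        for s in opened:
            s.close()


if __name__ == "__main__":
    for key, value in demonstrate_port_sharing().items():
        print(f"{key}: {value!r}")
```

The outbound socket needs SO_REUSEPORT (not just SO_REUSEADDR) on Linux, because a plain SO_REUSEADDR bind is refused while a listener holds the port; with the option set on both sockets and the same effective user the bind succeeds, and `connect()` only has to verify that the resulting 4-tuple is unique. Note that this sharing is exactly what the comment says UDP cannot offer: with no connection state there is no established-socket lookup to run before the per-port delivery.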