no, that would be *really* ugly. because then you'd expect the
NAT box to know how to intercept every application you'd want
to use, despite the fact that those applications are evolving
and the set of those apps is changing constantly. so you'd have
to upgrade your NAT every time you upgraded or installed a new app.

What's the difference with the way it already is? The ALG component
does need to know about the app already.

only for those apps that are NAT-sensitive.
what you propose would make every app NAT-sensitive, and increase the
rate of failures due to intermediaries that intercept protocol
interactions and botch them.