Suggestions, improvments:
- state replication between HA cluster machines
random session assingment (decrease vulnerability)
- slightly more sophisticated learning algorithm, disallow learning when client cannot know address (e.g. until 200 OK is received)
(decrease vulnerability)
- IPv6 support (I'm not sure if is possible manipulate IPv4 <-> IPv6 addresses this way it probably will mystify conntrack),
could be usefull for IPv4/6 gateways
- host/network order IP addresses in libipt_RTPPROXY library, what is better ?
- Pro vkládání komentářů se musíte přihlásit
Navigate