[Olsr-dev] Fwd: Bug#532573: olsrd: olsrd_dot_draw does not honor the "accept" parameter
Henning Rogge
(spam-protected)
Fri Aug 7 14:45:10 CEST 2009
Am Freitag 07 August 2009 13:06:15 schrieb Sebastian Harl:
> > > I've included the patch in the Debian package and would appreciate
> > > upstream integration ;-)
> >
> > The "problem" I see with the current patch is that it adds no
> > functionality to the plugin, it just gives you two different ways to do
> > the same thing. And if you use both most likely you don't get any
> > connection at all.
>
> Hrm … well, if a user misconfigures the plugin / olsrd, then, yes, it's
> not going to work ;-) If I understood the ACLs correctly (admittedly, I
> did not have a look at them yet), they are about verifying the _remote_
> side, while my patch allows to configure local properties. So, while
> both may be used to achieve the same result, it may also allow for more
> fine grained control over client connections.
>
> By saving resources for accept()ing connections, doing access control
> and then rejecting the connection from some unwanted network this, e.g.,
> allows to prevent DoS attacks, so this allows for a completely different
> level of security.
Okay... :)
it will take a day or two to get the code into txt/http/dotdraw plugin, I have
seen that the dotdraw plugin has the same "it can block OLSR if writing
blocks" problem than txt/httpinfo. When the code is in the repository I will
sens you a mail so you can test it, okay ?
Henning
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.olsr.org/pipermail/olsr-dev/attachments/20090807/12177af7/attachment.sig>
More information about the Olsr-dev
mailing list