--- Christian Lyra <[EMAIL PROTECTED]> wrote:
> supernode:
> - daemonization code (dettach from the terminal)
> - better log support (syslog support)
> - community filter (to avoid abuse)
>
> edge:
> - daemonization code (dettach from terminal)
> - config file support
> - multicast support (multicast doesnt like to play interdomains... n2n
> could be helpful. Also ospf uses multicast!)
Multicast might work already.
Here's my lists:
Apparent issues
- supernode does not send REGISTER_ACK to edge.
- edge to supernode registration retry does not exist.
- random seeding of twofish is too predictable for crypography.
- edge not allowed to start without IP address - conflicts with DHCP, etc.
- MTU calculations.
- only /24 n2n networks supported.
- unmarshall + marshall for changing one bit (should pass
n2n2_packet_header and payload separately and combine in final
marshalling for efficiency).
- password on edge command line is a security flaw (envar now used).
- LZO compressing to larger size a problem if packet of max size to
start with.
- supernode is vulnerable to DoS by fast registration attack.
- use of global variables inhibits use as a library, eg. python extension, or
daemon managing multiple edges.
Questions
- is private_ip used for anything?
Features to add
- Config file for edge.
- Config file for supernode.
- SIGUSR1/SIGUSR2 to change logging verbosity
- Configure persistent registration and gratuitous ARP.
- Supernode federation and announcement.
- Supernode token to prevent MAC being registered to two edges.
- Replace supernode threads with select().
Get the name you always wanted with the new y7mail email address.
www.yahoo7.com.au/y7mail
_______________________________________________
Ntop-dev mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop-dev
