Gavin,

On Wed, 24 Nov 2021 at 21:20, Gavin Henry <[email protected]> wrote:
> Working on the API and web UI next, then the p2p part of it. Feel free
> to submit any feature requests or have a play :-)
>

P2P sounds ripe for abuse by bad actors... A few scenarios:

1. You only get the list if you provide a list of your own. Therefore, someone adds some random IPs into a list, then knows what the state of the network is, and as soon as the IP they're using appears on the list, they stop using it until it drops back off.

2. IPv6 means presumably blocking /64s at a time rather than individual addresses. I don't know if privacy addressing etc. is a thing in the telephony market, where addresses rotate after a while?

3. CGNAT means you might affect more than you intended, and the problem will only get worse over time.

4. If the source IP is just a compromised device, you've booted that person (who may be an entire office) off SIP for a week or more, even if they fix the issue.

Additionally, from a feature POV:

1. BGP sounds like a needless over-complication. Surely just some iptables (realistically: nftables) hooks would do?

2. A user is never going to pay for all data collected if it's available via P2P, and if it isn't all on P2P, then why would anyone use the P2P version? Not to mention it's once again a GDPR minefield.

3. "Small binary size for IoT usage" -- presumably this is going either on your voice gateway or being scraped from logs, it's way out of scope for IoT?

Might I suggest just implementing a DNSBL or similar? Would be a lot simpler, allows for local caching, and it's very easy to extend -- allowing AXFR/IXFR if you wanted users to be able to scrape the entire list, or just with a pointer to an HTTP(S) URL from which the zone can be downloaded.

You can even parse submitted data and maybe even do a probe of your own or correlate with other submitted reports so that you only implement when multiple submissions from different locations report the same thing.

Sure, it's not the distributed content hosting model you're looking for, but otherwise there's no stopping it from being abused. I used to run a couple of nodes in the PGP keyserver ring (aka "SKS") and it's amazing what things people will do to either be a nuisance or to show how "smart" they are.

I would *strongly* recommend speaking with more operators first.

Just my two pence worth. Maybe I'm wrong -- I've not done any SIP for a decade, and certainly not at your scale.

M
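
The DNSBL approach suggested in the message above, sketched as an added example that is not part of the original email or of the project discussed: reports are correlated so that an entry is listed only when several distinct reporters agree, IPv6 sources are keyed by their /64, and the lookup name is built DNSBL-style. The zone name, threshold, reporter names and sample addresses are assumptions made up for illustration.

```python
import ipaddress
from collections import defaultdict

ZONE = "sipbl.example"   # hypothetical zone name (assumption)
MIN_REPORTERS = 3        # assumed threshold of distinct reporters

def listing_key(addr):
    """Unit that gets listed: one address for IPv4, the enclosing /64 for IPv6."""
    ip = ipaddress.ip_address(addr)
    prefix = 64 if ip.version == 6 else 32
    return ipaddress.ip_network(f"{ip}/{prefix}", strict=False)

def dnsbl_query_name(addr, zone=ZONE):
    """Name a client looks up: reversed octets (IPv4) or reversed nibbles (IPv6)."""
    ip = ipaddress.ip_address(addr)
    if ip.version == 4:
        labels = str(ip).split(".")
    else:
        labels = list(ip.exploded.replace(":", ""))
    return ".".join(reversed(labels)) + "." + zone

def correlate(reports, min_reporters=MIN_REPORTERS):
    """Return the keys reported by at least min_reporters distinct reporters."""
    seen = defaultdict(set)
    for reporter, addr in reports:
        seen[listing_key(addr)].add(reporter)  # repeats from one reporter count once
    return {key for key, who in seen.items() if len(who) >= min_reporters}

def is_listed(addr, listed):
    """True if addr falls under a listed key (same IPv4 address or same IPv6 /64)."""
    return listing_key(addr) in listed

# Constructed sample reports (documentation address ranges, made-up reporter names).
REPORTS = [
    ("gw-london", "192.0.2.10"), ("gw-london", "192.0.2.10"),
    ("gw-paris", "192.0.2.10"), ("gw-berlin", "192.0.2.10"),
    ("gw-london", "198.51.100.7"),            # one reporter only: not listed
    ("gw-london", "2001:db8:1:2::a"), ("gw-paris", "2001:db8:1:2::b"),
    ("gw-berlin", "2001:db8:1:2:ffff::1"),    # same /64, rotating host part
]

if __name__ == "__main__":
    listed = correlate(REPORTS)
    for net in sorted(listed, key=str):
        print("listed:", net)
    print(dnsbl_query_name("192.0.2.10"))
```

Counting distinct reporters rather than raw submissions is what keeps a single participant from listing an address on its own; it does not address the CGNAT and compromised-device concerns raised in the message.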
