Bogdan-Andrei Iancu wrote:
Juha Heinanen wrote:
I was thinking having this in core to be able to use it both in >
stateless (core) and statefull (tm) mode. My concern is where/how to > define the IP black list. If it will be kept in core, will the core > populated it (via script??) or module should register IPs to the core
list? All this in the idea of being able to do a nice provisioning
of > the IP blacklist.
in order to be useful, blacklist must be kept in a database table, which ser can reload into memory by a fifo command.
again, agree; the question is where to keep the list: in core and the core should export fifo command for reload from file maybe (the core should not be DB dependent)?
in the case of gateways, it would be nice, if for example the GW table from lcr can be reused. Maybe by having a paramter in lcr which let the LCR module export the GW IPs to the blacklist of the core.
klaus