[Devel] blacklistening feature request
Klaus Darilion
klaus.mailinglists at pernau.at
Mon Dec 18 14:26:10 CET 2006
Bogdan-Andrei Iancu wrote:
> Hi Klaus,
>
> I'm already working on a design for IP black list features, but with no
> usage of an additional route.
>
> I was thinking of having rules based on destination (netmask), maybe a
> hdr regexp (not sure if needed). All this rules will be grouped per
> classes (types).
>
> during the routing, you just choose what classes of rules should be
> added before sending it out. (none, one or several classes).
>
> the rules may be define via cfg params (statically) or maybe be loaded
> and manage via a module. The rules will be kept by core, but modules
> will have r/w access to them, so maybe we can enhance the permissions
> module to load and manage rules.
>
> Also the script will provide rules to add rules based on actions in
> script - if a destination gave timeout or refused TCP conn, it can be
> temporary put in a black list as rule.
>
> these are the rough first requirements for this feature, but any other
> input is welcomed.
sounds great
regards
klaus
>
> regards,
> bogdan
>
>
> Klaus Darilion wrote:
>
>> Hi!
>>
>> Is it possible to port the onsend_route and IP blacklistening from ser
>> to openser? Or are there too much changes in core since the split?
>>
>> If it is possible I will try to find some time for doing it.
>>
>> regards
>> klaus
>>
>>
>
--
Klaus Darilion
nic.at
More information about the Devel
mailing list