[OpenSER-Devel] SF.net SVN: openser: [2753]
trunk/modules/nathelper
Dan Pascu
dan at ag-projects.com
Thu Sep 13 12:26:33 CEST 2007
On Thursday 13 September 2007, Juha Heinanen wrote:
> Bogdan-Andrei Iancu writes:
> > Are you referring to the pending patch for spoofing the source of
> > the ping (to a non local IP).
>
> i didn't remember that there was such a pending patch, but, yes, i was
> thinking about spoofing the source address/port to correspond those of
> a load balancer in front of the proxies.
One problem with this is that most of the internet service providers will
block IP packets that have a source address not in the originating
network to limit DOS attacks and other security related problems.
As a consequence, this will only work if the spoofed address is in the
same LAN with the proxy, but it will almost certainly fail if your load
balancer is in another location.
--
Dan
More information about the Devel
mailing list