| Subject | Re: [Firebird-Architect] Create User Proposal |
|---|---|
| Author | Jim Starkey |
| Post date | 2004-09-23T22:02:32Z |
Samofatov, Nickolay wrote:
sure that it is useable for other purposes as well as reasonably
extensible. I personally care less about the details than the big
picture. As long as everything is tagged and the whole thing follows
dpb conventions, I'll be happy.
tolerate that nonsense. On the other hand, if your router/gateway has
been subverted, basically all bets are off. I'd like to hear other
opinions, but I'm inclined to trust the socket calls.
--
Jim Starkey
Netfrastructure, Inc.
978 526-1376
[Non-text portions of this message have been removed]
>My implementation of this piece is very simple and sketchy at theIf you having something working, lets start there. I just want to make
>moment. The whole Trace API/plugins thing is not complete yet and will
>require piece-by-piece discussion before including it into Firebird.
>
>
sure that it is useable for other purposes as well as reasonably
extensible. I personally care less about the details than the big
picture. As long as everything is tagged and the whole thing follows
dpb conventions, I'll be happy.
>So speaking in your terms I build the following structure:No, but a BNF (or equivalent) would be nice.
>
>isc_dpb_address_path <total length> <count byte> <address list>
>
><address list> ::= <protocol name length> <protocol name string>
><address length> <address string>
>
>My change of remote server appends a pair of protocol name ('IPv4') and
>protocol-specific address ('172.20.1.1') as strings into DPB block so
>Trace API hooks can parse it from DPB block and use to their
>convenience. No connection description, no anything. Do you want to see
>the engine patch? It is pretty much trivial.
>
>
> <>IPv4 addresses can almost always be forged and in many casesThat very may be true for IP and UDP, but I doubt that TCP could
>
>>cannot be
>>
>>
>>>trusted for security purposes.
>>>
>>>
>>>
>>>
>>Are you sure that's true? The IP address comes from the
>>socket information. If it has a forged IP, how can the
>>connect get established in the first place?
>>
>>
>
>If you are root on the machine you normally have access to 2 facilities:
>1) raw sockets
>2) ethernet driver interface
>
>Ethernet driver interface allows to set MAC address and generally craft
>Ethernet frames. You can find scripts which turn common switches to hubs
>and allow you to listen to desired segment of network even if it is
>behind switches. Approach is based in overflow of MAC/port dispatch
>table of switch. Cheap switches become hubs in this case.
>
>
>
tolerate that nonsense. On the other hand, if your router/gateway has
been subverted, basically all bets are off. I'd like to hear other
opinions, but I'm inclined to trust the socket calls.
--
Jim Starkey
Netfrastructure, Inc.
978 526-1376
[Non-text portions of this message have been removed]