lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 22 Oct 2014 19:11:30 +0200 From: Kristian Evensen <kristian.evensen@...il.com> To: Cong Wang <cwang@...pensource.com> Cc: netdev <netdev@...r.kernel.org> Subject: Re: [PATCH net-next] tcp: Add TCP_FREEZE socket option Hi, On Wed, Oct 22, 2014 at 6:56 PM, Cong Wang <cwang@...pensource.com> wrote: > At least split TCP is transparent to applications, while your approach is not. > I don't understand why you said it typically operates on some ports, since > TCP is stateful. I see that I might have used the wrong word here. I am use to calling them TCP splitters, but I see that the devices are also referred to as transparent TCP proxies. Anyhow, they are still transparent, but they violate end-to-end (even though I guess that is pretty common now-a-days). What I mean by the port-comment is that only connections to some ports are proxied/split. For example, one of the operators in Norway only proxy port 80, so any HTTPS transfer risk getting stuck after a temporary disconnect. -Kristian -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists