CzechTODO list
Suggestions, improvments:
-
state replication between HA cluster machines
random session assingment (decrease vulnerability)
slightly more sophisticated learning algorithm, disallow learning when client cannot know address (e.g. until 200 OK is received)
(decrease vulnerability)
IPv6 support (I'm not sure if is possible manipulate IPv4 <-> IPv6 addresses this way it probably will mystify conntrack),
could be usefull for IPv4/6 gateways
host/network order IP addresses in libipt_RTPPROXY library, what is better ?