Michael Niedermayer <michae...@gmx.at> added the comment: On Sun, Jan 24, 2010 at 10:52:08AM +0000, Jeremy Morton wrote: > > Jeremy Morton <ffm...@game-point.net> added the comment: > > "But I still have to understand what the requirements are, and why > providing the packet's source address in AVPacket would help (I suspect > it would be kind of useless for RTP...)." > > Luca, > > The requirement is for the calling code to be able to somehow tell ffmpeg > which > UDP packets to accept, and which to reject. In my case it needs to be based > on > source IP (perhaps port would be worth including too). Because UDP is > connectionless, the code may want to reject packets from invalid source IPs to > stop a DoS-style attack (eg. A is streaming video data to port 6789 so that > when > B streams its video data, you get a mixed up mess of 2 streams instead of one > unless you reject A's packets).
RTP has ssrc and seq numbers to get them right he will probably need access to your network and if he does have access to it the IP will not help you So i still dont see what kind of attack this would protect against about UDP if you only want packets from a specific IP the correct way is to specify this IP during open somehow not to accept all packets and after wasting resources to a DOS attack reject packets. [...] _____________________________________________________ FFmpeg issue tracker <iss...@roundup.ffmpeg.org> <https://roundup.ffmpeg.org/roundup/ffmpeg/issue1688> _____________________________________________________
