On Tuesday, 5 December 2017 14:55:09 PST Gregg Reynolds wrote: > Don't mean to try your patience, but I still don't follow. It sounds like > you're describing an ocf service that just happens to run on a router. In > that case there's no question of not accepting ocf local packets nor of > talking to the cloud. No? There would only be an issue if the OCF service > was indeed a router/bridge which could send and receive stuff on the cloud. > Then you might want to white/black list cloud (tcp/http) addresses. But > that's not an ocf issue, is it?
Correct, I was talking about a regular service that just happens to be run on a machine with more than one network interface, one of which is actively hostile. Sure, this device may talk to the Cloud, but that's very different from doing neighbour discovery on the WAN port. With my cable modem, for example, there are anywhere from a few tens to hundreds of other connections on the same bus, from other subscribers to my ISP. This could happen on a phone as well. If I have my IoTivity application running on my phone and I walk out the door, I don't want it to send discovery requests over 3G. It's a PPP connection, so it won't find any neighbours, but I don't want those packets going out anyway. Much less accept incoming packets. -- Thiago Macieira - thiago.macieira (AT) intel.com Software Architect - Intel Open Source Technology Center _______________________________________________ iotivity-dev mailing list [email protected] https://lists.iotivity.org/mailman/listinfo/iotivity-dev
