On Wednesday 25 August 2010 22:12:28 Robert Hogan wrote: > > - We can achieve some/a lot of the benefits sought by the proposal if we > isolate streams based on the information provided by the socks request > itself. The things people have suggested are: > 1 Socks authentication info (username/pass) > 2 Socks listener address/port > 3 Socks protocol > 4 Socks client IP > 5 Info in /proc/pid/cmdline garnered from the client's port number
So after more discussion this list now looks like: 1 Socks authentication info (username/pass) 2 Socks listener address/port 3 Socks protocol 4 Socks client IP 5 Destination Port (if it is in the LongLivedPort list) And the consensus is it should be on by default. Adding number 5 to the list would allow users to isolate streams by port 80 if they chose to designate it a LongLivedPort. I'm not sure if that means we should leave it out of the list, if we should defend against 'invalid' LongLivedPorts, or if it's something we are happy to allow. I think the list above allows stream isolation on requests over TransPort and NATDPort - at least to the extent that it will isolate streams on the basis of 2, 4 and 5 (if applicable).
