Uploaded image for project: 'Network Observability'
  1. Network Observability
  2. NETOBSERV-148

FlowCollector port spec: forbid some values

XMLWordPrintable

    • Icon: Story Story
    • Resolution: Done
    • Icon: Undefined Undefined
    • None
    • None
    • Loki
    • None
    • False
    • None
    • False
    • 2
    • None
    • None
    • NetObserv - Sprint 214

      https://coreos.slack.com/archives/CDCP2LA9L/p1641897908064500?thread_ts=1641409941.154400&cid=CDCP2LA9L

      The NOO should have a deny-list that prevents setting some ports for the collector, in order to avoid a DDoS:

      • XLAN UDP port 4789
      • 6081 for GENEVE.
      •  IKE for IPsec  500 and 4500.
      • anything below < 1024 by convention.

              ocazade@redhat.com Olivier Cazade
              mmaciasl@redhat.com Mario Macias (Inactive)
              None
              None
              Mehul Modi Mehul Modi
              None
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: