4. Fluentd forward
has no authentication
issues:81 "Authentication between nodes is
required" by @saki7
has no encryption
pull:56 "Added compression and encryption
feature to forward plugin" by @mazgi
13年2月15日金曜日
5. But how?
'OpenSSL::SSL::SSLSocket'
Socket overwrapped by OpenSSL
Simple digest authentication over SSL
13年2月15日金曜日
6. fluent-plugin-secure-forward
Forwarding over SSL [required]
with auto-generated self-signed certification
Shared key authentication [required]
to verify receiver identity
Username and Password authentication [optional]
to verify sender identity
13年2月15日金曜日
14. Many many TODOs:
Tests for non self-signed certificates
ACK mode protocol design & implementation
Keepalive disable mode implementation
More access control
Network ACL & domain wildcard ACL
DNS reverse lookup & check
Disconnection just after SSL session established
Pluggable authentication databases
Encryption algorithm options
Balancing/failover connections
TESTS!!!!!!! (this plugin has no one asserts....)
13年2月15日金曜日
15. fluent-plugin-secure-forward
Version v0.0.1 is HIGHLY EXPERIMENTAL
This plugin is TOY PROGRAM PoC
We needs other maintainer who uses this plugin
or MONEY & TD support! :-)
Thanks!
13年2月15日金曜日