You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Motivation:
Applications need robust security components which can be used for access control, traffic management, payload matching, and more. Currently, we rely on low-level firewalls such as Iptables (Linux) or Windows Firewall (Windows). They work great and perfectly but they're not platform-independent.
Java is a platform-independent language and applications just work on any supported platform but when it comes to low-level firewalls, we have to configure platform-dependent solutions. This requires root (Superuser) permission and granting this permission is not a good security practice. Also, applications running on serverless architecture, or inside containers will have more hard time configuring these traditional solutions.
Modification:
To combat this, I'm introducing Netty Security. It works on any platform where Java (and Netty) is supported. There is no need for root (Superuser) permissions and it is configured purely from code.
I'm opening this discussion to evaluate if we should merge Netty Security into core Netty 5.
Nits:
One major drawback is the performance since we will be doing filtering at L7, this solution is not as fast as low-level firewalls but we are compromising performance for high-level filtering API.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Motivation:
Applications need robust security components which can be used for access control, traffic management, payload matching, and more. Currently, we rely on low-level firewalls such as Iptables (Linux) or Windows Firewall (Windows). They work great and perfectly but they're not platform-independent.
Java is a platform-independent language and applications just work on any supported platform but when it comes to low-level firewalls, we have to configure platform-dependent solutions. This requires root (Superuser) permission and granting this permission is not a good security practice. Also, applications running on serverless architecture, or inside containers will have more hard time configuring these traditional solutions.
Modification:
To combat this, I'm introducing Netty Security. It works on any platform where Java (and Netty) is supported. There is no need for root (Superuser) permissions and it is configured purely from code.
I'm opening this discussion to evaluate if we should merge Netty Security into core Netty 5.
Nits:
Beta Was this translation helpful? Give feedback.
All reactions