We should change the CID after enough idle time so that any possible NAT rebinding would be harder to be tracked by an outside observer. The simplest way to implement this would be in the flush send code path. When first starting a flush, check how much time has elapsed since the last send. If it's greater than X (20? 30?) seconds force a CID update (inline) first.
The text was updated successfully, but these errors were encountered:
We are unable to convert the task to an issue at this time. Please try again.
The issue was successfully created but we are unable to update the comment at this time.
Describe the feature you'd like supported
We should change the CID after enough idle time so that any possible NAT rebinding would be harder to be tracked by an outside observer. The simplest way to implement this would be in the flush send code path. When first starting a flush, check how much time has elapsed since the last send. If it's greater than X (20? 30?) seconds force a CID update (inline) first.
The text was updated successfully, but these errors were encountered: