Replies: 2 comments
-
|
any ideas on this? |
Beta Was this translation helpful? Give feedback.
-
|
to provide more context to the issue, I hava a mediamtx server behind traefik v2 in a kubernetes environment with TCP passthrough route setup. My client software connects to the server using a domain name rtmp://video.company.com:1935/live/video1 which works fine even with authentication. The problem is, some wild bots keep hitting the mediamtx server end points all the time and I would like to restrict only valid requests going to the server. Is there a way so that either I can intercept the port scan request and reject it before reaching the server? Does it makes sense to use another mediamtx as a load balancer which forwards only valid requests to the main server? or something to be done in the setting of the traefik itself? |
Beta Was this translation helpful? Give feedback.
-
Question
Hi,
Is it possible to accept connections to the server from clients with HostSNI matching certain pre-defined pattern? e.g. rtmp://video.company.com:1935/live/video1? I know we can restrict access to the server based on IP but did not find anything about restricting access based on HostSNI. Would it be different for TLS or non-TLS end points? e.g. RTMP or RTMPS?
Since the server parses the query parameter from the URL, it should be possible to add some kind of rejection if the url does not contain the pre-defined domain name.
Beta Was this translation helpful? Give feedback.
All reactions