The safest way to achieve dynamic programming is to use a pair of multicast relay machines, one on either side of the firewall. The machine on the unfriendly side of the firewall receives all the multicast traffic and lets through only the groups it has been programmed to accept. It then encapsulates the traffic and sends it through to the relay on the other side, which checks the origin of the traffic (to prevent spoofing), unwraps it and sends it out. The dynamic programming can be achieved through authenticated RPC control, together with a sensible policy for recognising which sessions should be allowed.
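The relay pair described above can be modelled in a few lines; this is an added sketch, not code from the original text, showing the default-deny group filter, the encapsulation, the origin check on the inner side and the authenticated control path. Assumptions: an HMAC-SHA256 tag stands in both for the origin check and for authenticated RPC, a session is identified by an IPv4 group and port, and all class, function and key names are hypothetical.

```python
import hashlib
import hmac
import ipaddress
import struct

# Constructed keys for the example; a real deployment provisions these out of band.
TUNNEL_KEY = b"constructed-tunnel-key"    # shared by the two relays only
CONTROL_KEY = b"constructed-control-key"  # held by the policy controller

def _mac(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()

def sign_control(op, group, port):
    """Controller side: tag for a control request (stands in for authenticated RPC)."""
    return _mac(CONTROL_KEY, f"{op}|{group}|{port}".encode())

class OuterRelay:  # unfriendly side of the firewall; default-deny on every group
    def __init__(self):
        self.allowed = set()

    def control(self, op, group, port, tag):
        if not hmac.compare_digest(tag, sign_control(op, group, port)):
            return False                      # unauthenticated request
        try:
            if not ipaddress.IPv4Address(group).is_multicast:
                return False                  # only 224.0.0.0/4 may be programmed
        except ValueError:
            return False
        if op == "allow":
            self.allowed.add((group, port))
        elif op == "deny":
            self.allowed.discard((group, port))
        return op in ("allow", "deny")

    def forward(self, group, port, payload):
        if (group, port) not in self.allowed:
            return None                       # dropped at the outer relay
        body = ipaddress.IPv4Address(group).packed + struct.pack("!H", port) + payload
        return body + _mac(TUNNEL_KEY, body)  # encapsulated frame for the tunnel

class InnerRelay:  # protected side; accepts frames only from its peer relay
    def unwrap(self, frame):
        if len(frame) < 6 + 32:
            return None                       # too short to hold header and tag
        body, tag = frame[:-32], frame[-32:]
        if not hmac.compare_digest(tag, _mac(TUNNEL_KEY, body)):
            return None                       # origin check failed
        port = struct.unpack("!H", body[4:6])[0]
        return str(ipaddress.IPv4Address(body[:4])), port, body[6:]
```

The sketch does not address replay of captured frames or control requests; a sequence number or timestamp inside the authenticated data would be needed for that.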
Jon CROWCROFT
1998-12-03