[sslh] Many processes

Maurice Commandeur maurice at nieuwerbrug.org
Tue Feb 7 13:26:24 CET 2012


Hi Yves,

It's just a simple home setup.

internet -> router -> server
All NAT and port forwarding stuff.

The only thing that I can imagine is that my server has 2 IPs on the en0 interface:

server:~ $ ifconfig en0
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	options=2b<RXCSUM,TXCSUM,VLAN_HWTAGGING,TSO4>
	ether c4:2c:03:0b:20:af 
	inet6 fe80::c62c:3ff:fe0b:20af%en0 prefixlen 64 scopeid 0x4 
	inet 192.168.0.75 netmask 0xffffff00 broadcast 192.168.0.255
	inet 192.168.0.73 netmask 0xffffff00 broadcast 192.168.0.255
	media: autoselect (1000baseT <full-duplex,flow-control>)
	status: active

192.168.0.73 is the IP with Apache running on port 443.
192.168.0.75 is the IP where sslh runs on port 443.
My router forwards IPs from the internet to port 443 on 192.168.0.75.
Then sslh decides where to do what.
Apache is specifically configured to not use *:443 but only 192.168.0.73 and 127.0.0.1.

I'll try to rebuild it… So that my router sends all traffic coming from the internet to 192.168.0.73:4443
sslh listening on 192.168.0.73:4443 and configure sslh to use port 443 and 22.
Then I can disable the 192.168.0.75 ip number.

Maurice

On 7 Feb 2012, at 07:04, Yves Rutschle wrote:

> On Sat, Feb 04, 2012 at 10:56:27PM +0100, Maurice Commandeur wrote:
>> ## now adding a https session via sslh
>> 
>> $ ps -ef | grep [s]slh 
>>   -2 88079     1   0 10:36PM ??         0:00.00 /opt/local/sbin/sslh -f -v -u nobody -p 192.168.20.75 443 --ssh localhost 22
>>   -2 88080 88079   0 10:36PM ??         0:00.00 /opt/local/sbin/sslh -f -v -u nobody -p 192.168.20.75 443 --ssh localhost 22
>>   -2 88122 88080   0 10:41PM ??         0:00.03 /opt/local/sbin/sslh -f -v -u nobody -p 192.168.20.75 443 --ssh localhost 22
>>   -2 88146 88080   0 10:42PM ??         0:00.00 (sslh)
>>   -2 88152 88080   0 10:42PM ??         0:00.00 (sslh)
> [...]
>> It seems that the https session is the felon...
> 
> This is a little strange, since sslh makes no difference between
> https and ssh once the connection is initiated.
> 
> Do you get https connections through another type of proxy?
> 
> Y.



