[sslh] Many processes
Maurice Commandeur
maurice at nieuwerbrug.org
Tue Feb 7 13:26:24 CET 2012
Hi Yves,
It's just a simple home setup.
internet -> router -> server
All NAT and port forwarding stuff.
The only thing that I can imagine is that my server has 2 IPs on the en0 interface:
server:~ $ ifconfig en0
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        options=2b<RXCSUM,TXCSUM,VLAN_HWTAGGING,TSO4>
        ether c4:2c:03:0b:20:af
        inet6 fe80::c62c:3ff:fe0b:20af%en0 prefixlen 64 scopeid 0x4
        inet 192.168.0.75 netmask 0xffffff00 broadcast 192.168.0.255
        inet 192.168.0.73 netmask 0xffffff00 broadcast 192.168.0.255
        media: autoselect (1000baseT <full-duplex,flow-control>)
        status: active
The 192.168.0.73 is the IP with Apache running on port 443.
The 192.168.0.75 is the IP where sslh runs on port 443.
My router forwards IPs from the internet to port 443 on 192.168.0.75.
Then sslh decides where to do what.
Apache is specifically configured to not use *:443 but only 192.168.0.73 and 127.0.0.1.
I'll try to rebuild it… so that my router sends all traffic coming from the internet to 192.168.0.73:4443,
with sslh listening on 192.168.0.73:4443, and configure sslh to use port 443 and 22.
Then I can disable the 192.168.0.75 IP number.
Maurice
On 7 Feb 2012, at 07:04, Yves Rutschle wrote:
> On Sat, Feb 04, 2012 at 10:56:27PM +0100, Maurice Commandeur wrote:
>> ## now adding a https session via sslh
>>
>> $ ps -ef | grep [s]slh
>> -2 88079 1 0 10:36PM ?? 0:00.00 /opt/local/sbin/sslh -f -v -u nobody -p 192.168.20.75 443 --ssh localhost 22
>> -2 88080 88079 0 10:36PM ?? 0:00.00 /opt/local/sbin/sslh -f -v -u nobody -p 192.168.20.75 443 --ssh localhost 22
>> -2 88122 88080 0 10:41PM ?? 0:00.03 /opt/local/sbin/sslh -f -v -u nobody -p 192.168.20.75 443 --ssh localhost 22
>> -2 88146 88080 0 10:42PM ?? 0:00.00 (sslh)
>> -2 88152 88080 0 10:42PM ?? 0:00.00 (sslh)
> [...]
>> It seems that the https session is the felon...
>
> This is a little strange, since sslh makes no difference between
> https and ssh once the connection is initiated.
>
> Do you get https connections through another type of proxy?
>
> Y.