[sslh] sslh on RedHat
Michael Lang
Michael.Lang at chester.at
Thu Jan 3 09:23:25 CET 2013
On 01/02/2013 04:25 PM, Yves Rutschle wrote:
> Hi Michael,
>
> On Wed, Jan 02, 2013 at 12:42:02PM +0100, Michael Lang wrote:
> [...]
>> * the Makefile should have $(DEST)$(PREFIX) to be able to "relocate"
>> the binaries within the build environment
>> (for now, I've moved the "make install" to the SPEC file by doing
>> the same as you do in your Makefile::install
> I am not sure what you're trying to achieve: compiling in a
> different directory so the source directory remains
> untouched?
Yves,
i was meaning, to be able to "smootly" redirect the output of "make
install" to a different directory, normally people use DESTDIR in their
makefile like
<from sslh-1.14/Makefile>
# generic install: install binary and man page
install: sslh $(MAN)
install -D sslh-fork $(PREFIX)/sbin/sslh
install -D -m 0644 $(MAN) $(PREFIX)/share/man/man8/$(MAN)
# should be changed to
# generic install: install binary and man page
install: sslh $(MAN)
install -D sslh-fork $(DESTDIR)$(PREFIX)/sbin/sslh
install -D -m 0644 $(MAN) $(DESTDIR)$(PREFIX)/share/man/man8/$(MAN)
</Makefile>
with this modification it would be possible to do something like
$ make install DESTDIR=/tmp/buildroot
>
>> * examples for configuring openvpn + tinc + ssh + ssl ... if this is
>> possible. I haven't been able to enable all protocols at once
> There should be no obstacle, just specify them all...
> although I haven't tried it, and in fact I doubt anyone
> would have use for some combinations (e.g. openvpn and tinc,
> which I understand perform a similar function).
>
> What do you mean that you were not able to enable them? It
> crashed, or just didn't work for some protocols?
>
I've tried enabling all protocols at once, but it ended up in matching
the last one specified eq:
protocols:
(
{ name: "ssh"; service: "ssh"; host: "localhost"; port: "22";
probe: "builtin"; },
{ name: "tinc"; service: "tinc"; host: "localhost"; port: "655";
probe: "builtin"; },
{ name: "openvpn"; host: "localhost"; port: "1194"; probe:
"builtin"; },
{ name: "http"; host: "localhost"; port: "80"; probe: "builtin"; },
{ name: "ssl"; host: "localhost"; port: "443"; probe: "builtin"; }
);
would always end at localhost:443 if connecting with openvpn and or tinc
>> * examples for matching protocols
> There are a couple of regex matchings in example.cfg.
i've seen your probe settings in the example.cfg but I'm missing an
explanation how to be able to see what I should be matching there... do
you know what I mean ? I can understand that for example jabber will be
in the plain-text protocol of xmpp but what matches can be done against
encrypted packages ? and what to look at those packages ? (maybe you
could explain how you figured out the openvpn regex ?)
thanks for your answers ...
sorry if I wasn't clear in the first mail :)
regards
mIke
>
>> I've attached the spec file and the tarball containing packages for
>> EL5 and EL6 (can be used on CentOS to)
> Thanks; I'll add them to the Web page alongside the source.
>
> Cheers,
> Y.
>
More information about the sslh
mailing list