[sslh] Plan to integrate IP_TRANSPARENT
Yves Rutschle
yves at naryves.com
Sat Jul 6 01:00:11 CEST 2013
> >> Ok, I confirm that the patch works, you just have to target
> >> addresses that aren't localhost. This means you can't have
> >> Apache listen to localhost:443, but I guess that a small
> >> price to pay to get transparent proxy-ing.
> >
> > So you need 2 IP devices ( a proxy + SSH/OpenVPN/HTTPS server ) to get sslh
> > work with that ?
> > Anyway, thank you very very much !
> >
> Well, actually, I'd guess you'd need two ports on the same IP address?
> 10443 and 10022 + 22?
Correct: you can redirect to the IP address of the same
machine, just you can't use its loopback address.
./sslh-fork --listen 192.168.0.1:443 --ssh 192.168.0.1:22 --ssl 192.168.0.1:4443
NOT:
./sslh-fork --listen 192.168.0.1:443 --ssh 127.0.0.1:22 --ssl 127.0.0.1:4443
Y.
More information about the sslh
mailing list