[sslh] fail2ban

Davide Perini perini.davide at dpsoftware.org
Thu Oct 3 11:33:17 CEST 2013 

Hi,
thanks for the answer.

I read the readme, I'm doing troubleshooting without iptables so one 
problem less,
I'm starting sslh as root so no problem in permission or need to setcap 
the sslh command,
this is the command I'm trying.

sslh --transparent -u root -p  myPublicVPNIpAddress:443 --ssl myPublicVPNIpAddress:8443 --ssh myPublicVPNIpAddress:49999

It does not work, I get timeout connecting to port 443.
Is there something else that I should consider?

Thanks,
Davide

Il 03/10/2013 10:32, Jon Spriggs ha scritto:
> Transparent mode adds an awful lot of other stuff that needs to be
> done. The "How to make it work" is in the README here:
>
> https://github.com/yrutschle/sslh/blob/master/README#L185
> --
> Jon "The Nice Guy" Spriggs
>
>
> On 3 October 2013 09:30, Davide Perini <perini.davide at dpsoftware.org> wrote:
>> Hi,
>> really thanks for the answer!
>>
>> I'm using the latest SSLH version (1.15) but it seems to not work.
>> If I add the --transparent option, SSLH simply stops answering, if I remove
>> the --transparent option, all works ok.
>>
>> I tried starting SSLH as root just for a try with this command:
>> sslh --transparent -u root -p  mypublicipaddress:443 --ssl 127.0.0.1:8443 --ssh
>> 127.0.0.1:49999
>>
>> There is no error, simply no response. I also disabled selinux and iptables
>> for the try but it not respond.
>>
>> Any help is much appreciated.
>>
>> Thanks!
>>
>> Best Regards,
>> Davide Perini
>>
>>
>> Il 03/10/2013 10:27, Jon Spriggs ha scritto:
>>
>>> There is a new version of SSLH which permits transparent source
>>> multiplexing. If you use that, then fail2ban may work?
>>> --
>>> Jon "The Nice Guy" Spriggs
>>>
>>>
>>> On 1 October 2013 15:23, Davide Perini <perini.davide at dpsoftware.org>
>>> wrote:
>>>> Hi,
>>>> thanks for writing such a great piece of software like SSLH, I really
>>>> appreciate it.
>>>>
>>>> Is there any way of using SSLH with fail2ban?
>>>> Once using SSLH my logs are full of 127.0.0.1 so I lost the IP address
>>>> that
>>>> is ussing HTTPS or SSH.
>>>>
>>>> Please help.
>>>>
>>>> Thanks,
>>>> Davide Perini
>>>>
>>>>
>>>> _______________________________________________
>>>> sslh mailing list
>>>> sslh at rutschle.net
>>>> http://rutschle.net/cgi-bin/mailman/listinfo/sslh
>>

More information about the sslh mailing list