[sslh] Transparent mode with IPv4 and IPv6
Matt Smith
sslh at xtaz.co.uk
Thu Jan 21 21:42:26 UTC 2016
Hi. I have an sslh which listens on both IPv4 and IPv6 using two
addresses in the listen configuration block. I am then using IPv4
addresses in the protocols block for the ssh and tls protocols. If
transparent is set to false then this works fine. I can connect using
either v4 or v6 and it successfully forwards to the service using v4.
However, if I have transparent set to true (with the appropriate
firewall rules) it appears that only v4 works. v6 just closes the
connection. If I change the IP address within the protocols block to be
the v6 one then v6 works and v4 starts just closing the connection.
So it would appear that in transparent mode you can only forward on the
same address type, whereas without transparent mode you can use either.
Is this something that could be solved within sslh or is this a
limitation of transparent proxying?
Thanks,
--
Matt
More information about the sslh
mailing list