[sslh] Iptables after SSLH redirection? (Need source IP that connects to SSLH)
Emmanuel Schwartz
schwartz at mail.hs-ulm.de
Fri May 27 09:51:04 UTC 2016
Hello all,
First, I want to thank the dev of this great package, which is quite useful!
To begin with, let me describe my current setup:
I have a central server (Linux), and every incoming or outgoing connection goes through this server. SSLH is installed on it, listens on port 443, and redirects SSH to localhost:22 and HTTPS to localhost:4443.
Then, behind this central server, I have tiny servers (Linux) which only have a connection to the central server, so no direct connection to the Internet.
My problem is that, depending on the IP which connects to SSLH, I would like to redirect to the correct tiny server (e.g. IP1 goes to tinyserver3, IP2 goes to tinyserver1, etc.).
I think it is not possible, since SSLH is redirecting every SSH packet to localhost:22, unless I have the source IP which connects to SSLH (using iptables).
My question is:
How can I get this source IP which connects to SSLH?
Does SSLH replace SSLH_IP:443 with localhost:22 inside the header?
I would be so grateful if I could have some answers, since I'm using it for my master's thesis.
Thanks in advance
Best regards
Emmanuel