[sslh] sslh as http multiplexer

Yves Rutschle yves at rutschle.net
Wed Dec 16 21:15:40 UTC 2020


On Wed, Dec 16, 2020 at 05:04:09PM +0100, Felix Niederwanger wrote:
>          { name: "http", host: "192.168.0.2"; port: "80"; hostname:
> "host_A.acme"; log_level: 0 },
>          { name: "http", host: "192.168.0.3"; port: "80"; hostname:
> "host_B.acme"; log_level: 0 },
> 

The later versions of sslh would have complained that
'hostname' is not a valid setting. That's the root cause of
your problem: 'hostname' is not a valid setting.
`sni_hostname` is, but only for the TLS probe.

What you could easily do is use the regex probe instead,
like:

{ name: "regex"; host: "192.168.0.2"; port: "80"; regex_patterns: ["^(GET|POST).*host_A.acme"] },
{ name: "regex"; host: "192.168.0.3"; port: "80"; regex_patterns: ["^(GET|POST).*host_B.acme"] },

> Is hostname selection not yet included for http 

It's not really planned. I think in many cases, people
forward HTTP to a Web server (Apache or nginx) which then
does the reverse proxying at HTTP level.

Y.



More information about the sslh mailing list