[sslh] Better --transparent way on Linux
Yves Rutschle
yves at rutschle.net
Sun Jan 26 20:36:39 UTC 2020
Hello everyone,
On Sat, Nov 02, 2019 at 08:55:27PM +0000, Yves Rutschle wrote:
> Thanks for the new rules and comments... I'll try and
> integrate this into the existing documentation, but I think
> I need to re-organise it if we don't want to have things
> scattered all over...
See new interesting information here:
https://github.com/yrutschle/sslh/issues/252#issuecomment-576224387
which indicates adding docker is yet another setup.
So now my thinking is to make 4 chapters:
- sslh and target service on same host
=> Achieved with the simple rules
- sslh and target service on different hosts
=> achieved with Sean Warner's setup (currently documented
in https://github.com/yrutschle/sslh/blob/master/doc/tproxy.md)
- sslh on main host and target in a docker on the same host
- sslh in a docker targeting a different docker
=> No known working setup at this point
This is all complicated by the fact that for some reason my
VPS does not seem to support transparent proxying
(setsockopt IP_TRANSPARENT fails...) so I can't test
anything :/
Y.
More information about the sslh
mailing list