[sslh] [FW: Mail delivery failed: returning message to sender]

Yves Rutschle yves at rutschle.net
Tue Aug 17 20:43:08 UTC 2021


Hello all,

sslh-v1.22 is now available. Here's the ChangeLog:


	sslh-select now supports UDP protocols.
	Probes specified in the `protocols`
	configuration entry are tried on incoming packets,
	TCP or UDP, and forwarded based on the input
	protocol (an incoming TCP connection will be
	forwarded as TCP, and same with UDP).
	This has been tested with DNS as shown in udp.cfg:
	incoming packets that contain my domain name are
	assumed to be a DNS request and forwarded
	accordingly. Note this could cause problems if
	combined with incoming TLS with SNI.  UDP clients
	and servers need to agree on the IPv4/IPv6 they use:
	use the same protocol on all sides! Often, this
	means explicitely using 'ip4-localhost'.
	UDP sender-receiver pairs (connections, so to speak)
	are kept for 60s, which can be changed with
	`udp_timeout` in the configuration.

	Added probes for UDP protocols QUICK and Teamspeak.

	Added probes for syslog protocol.

	sslh-select refactored to change linear searches
	through connections to linear searches through
	fd_set.

	Fixed a libconfig call to support libconfig 1.7.3.

	Added symbol to support libconfig 1.4.9, still in
	use in CentOS7.

	Warn about unknown settings in the configuration
	file.

	Added per-protocol `transparent` option. sslh-fork
	drops the capability after creating the server-side
	transparent socket. Transparent now uses CAP_NET_RAW
	instead of CAP_NET_ADMIN.

	Removed compile-time option to use POSIX regex. Now
	regex must be PCRE2 (Perl-Compatible). This was in
	fact the case since v1.21, as PCRE are used to parse
	the config file.

As usual, available on the Web site (https://www.rutschle.net/tech/sslh/download) and on Github (https://github.com/yrutschle/sslh/releases/tag/v1.22)

Enjoy!
Cheers,
Y.


More information about the sslh mailing list