Date: Fri, 22 Nov 2002 21:49:06 +0300 From: Alex Povolotsky <tarkhil@webmail.sub.ru> To: Marc Perisa <perisa@porsche.de> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: jailed virtual https, anyone? Message-ID: <20021122214906.410af0a0.tarkhil@webmail.sub.ru> In-Reply-To: <3DDE4B66.1040102@porsche.de> References: <20021122145947.406b4d31.tarkhil@webmail.sub.ru> <!~!UENERkVCMDkAAQACAAAAAAAAAAAAAAAAABgAAAAAAAAA4RatOouMvEOzXXL4aXw9/cKAAAAQAAAAhnmDgV2EvUqm7WMtfEV72wEAAAAA@primus.ca> <20021122155027.7f694357.tarkhil@webmail.sub.ru> <3DDE4B66.1040102@porsche.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 22 Nov 2002 16:21:10 +0100 Marc Perisa <perisa@porsche.de> wrote: MP> > I'm forwarding incoming connection to jail, currently with ipnat. I need to pass information MP> > about real (outside) IP to mod_ssl. That is my problem. MP> MP> ? (I understand what you do - but not why ...) On one hand, I'm going to isolate users from outside world. On the other hand, I cannot afford right now to provide each ot these users by their own jail with. Hmm, maybe I could run lots of jails on the same filesystem, but this will create immeasurable lots of apaches mostly staying idle. MP> Ok. Why don't you put every single jail with it's outside IP up and let MP> it run there (binded to fxp0). What do you want to reach with that setup MP> ? More security? I'm running several scores of virtualhosts right now, ant number of the is going to increase. At least 5 apaches, one sshd... hmm, even if I'll make annother jail for sshd/cron, I'm going to have LOTS and LOTS of idle apaches. MP> MP> Next possibility is to setup a https->http gateway on the external IP MP> (binded to fxp0) and forward the un-encrypted requests over to the MP> apache (name-based or whatever). Yes, I'm starting to look towards that direction. Most likely, I'll install/patch some https->http proxy on weekend. But in this case, I need to pass https variables some more or less efficient and elegant way... Well, I'll do it ;-) -- Alex. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021122214906.410af0a0.tarkhil>