Date: Fri, 22 Nov 2002 11:38:40 -0800 From: Nicholas Esborn <nick@netdot.net> To: Alex Povolotsky <tarkhil@webmail.sub.ru> Cc: freebsd-security@FreeBSD.ORG Subject: Re: jailed virtual https, anyone? Message-ID: <20021122193840.GA16501@carbon.berkeley.netdot.net> In-Reply-To: <20021122210409.0061b0c7.tarkhil@webmail.sub.ru> References: <20021122155027.7f694357.tarkhil@webmail.sub.ru> <20021122113328.M48082-100000@lorax.ubergeeks.com> <20021122210409.0061b0c7.tarkhil@webmail.sub.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
Have you considered using a simple TCP-port redirector like pound? It's in the ports tree in www/pound. It would pass the connection in to your lo0 alias with minimal modifications to the packets. -nick On Fri, Nov 22, 2002 at 09:04:09PM +0300, Alex Povolotsky wrote: > YES!!! YES!!! YES!!! I do understand it for quite some time!!! >=20 > But, for instance, transproxy extracts real IP information from /dev/ipl,= which seems to be unavailable from inside the jail. >=20 > I need either proxy with some method of SSL environment variables passing= , or some apache module retrieving information from /dev/ipl or something e= lse, or some way to transfer packets keeping original destination address. >=20 > That is what I'm seeking here.=20 >=20 > --=20 > Alex. --=20 Nicholas Esborn Unix Systems Administrator Berkeley, California To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021122193840.GA16501>