Date: Wed, 10 Oct 2001 20:00:07 GMT From: "Alex Newman" <dolemite@wulimasters.net> To: freebsd-hackers@freebsd.org Subject: NATD+SSL Message-ID: <20011010200007.94855.qmail@host4.rpi.wulimasters.net>
next in thread | raw e-mail | index | archive | help
Ok I know this sounds wacky, but I will try justify why i think it is usefull. If someone can think of a better way to achieve goals 1-3 or if they are silly goals please tell me. How easy would it be to implement ssl in the redirection part of natd. Some reasons why this is better than sslwrap/stunnel/sslproxy: 1) say you had a packet coming in on port 443 ->application->80->thttpd thttpd would see everything coming from localhost 2) It would allow you to more efficently have ssl proxy boxes infront of an array of webservers. This is useful if you had for instance a hardware crypto card in the ssl proxy. Currently the only decent way I know to do this today is with linux+stunnel since it has transparent proxy support. 3) Since these programs always are doing a redirect anyways it seems silly not to use natd for the redirction part of the process. Alex Newman www.wulimasters.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011010200007.94855.qmail>