How to work from behind proxies ? (with patch providing a partial solution)
martin f krafft
madduck at debian.org
Thu Jul 27 11:28:03 BST 2006
also sprach Vincent LADEUIL <v.ladeuil at alplog.fr> [2006.07.27.1045 +0100]:
> Hmmm. So you propose to install OpenVPN on the H host only and
> not on the F one (where I lack admins privileges to modify
> network setup) ? Care to elaborate a bit on your setup then ?
Laptop -> HTTP Proxy -> Firewall -> [Internet] -> my machine:443
In your case I'd run it on H and make both F and W connect to it.
You could then automatically connect from W to F and vice versa.
>
> How would I handle https connections for the H https server
> already listening on 443 ?
Ah, you cannot really do that.
But what you could do, and I've long wanted to implement this, is
write a stupid daemon that listens on port 443 and will wait for
a configurable (small) amount of time for traffic from the client.
If it gets traffic, it passes the connection off to apache. If it
does not get traffic, it passes off to sshd. This should work
because http and ssh do differ in who says the first word in
a connection: the client issues a request for HTTP, but waits for
the server banner for SSH.
I'll reply privately from now on, but wanted to make the above idea
more public to increase the chance of someone picking up on it. :)
--
.''`. martin f. krafft <madduck at debian.org>
: :' : proud Debian developer and author: http://debiansystem.info
`. `'`
`- Debian - when you have better things to do than fixing a system
-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GCS/IT d- s: a-- C++(++++) UL+++(++++) P+ L++++ E--- W- N+ o-- K !w O-
M- V PS+(+++) PE(--) Y+ PGP++ t- 5 !X R- !tv b+(++) DI--(+) D++(+++)
G+ e>++++ h* r+>++ y+++++>+(++)
------END GEEK CODE BLOCK------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature (GPG/PGP)
Url : https://lists.ubuntu.com/archives/bazaar/attachments/20060727/211279c1/attachment.pgp
More information about the bazaar
mailing list