third-party-mirrors/sslh
1
0
Fork 0
mirror of https://github.com/yrutschle/sslh.git synced 2025-04-18 17:57:39 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fix README typos.

Browse Source
This commit is contained in:
Jim Tittsler 2016-12-19 10:24:31 +09:00 committed by GitHub
parent f02ce3821c
commit 234c088324
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
README.md
View File

@ -135,7 +135,7 @@ i.e. that that is not `127.0.0.1` in the output of
Libwrap support Libwrap support
--------------- ---------------
Sslh can optionnaly perform `libwrap` checks for the sshd Sslh can optionally perform `libwrap` checks for the sshd
service: because the connection to `sshd` will be coming service: because the connection to `sshd` will be coming
locally from `sslh`, `sshd` cannot determine the IP of the locally from `sslh`, `sshd` cannot determine the IP of the
client. client.
@ -145,10 +145,10 @@ OpenVPN support
OpenVPN clients connecting to OpenVPN running with OpenVPN clients connecting to OpenVPN running with
`-port-share` reportedly take more than one second between `-port-share` reportedly take more than one second between
the time the TCP connexion is established and the time they the time the TCP connection is established and the time they
send the first data packet. This results in `sslh` with send the first data packet. This results in `sslh` with
default settings timing out and assuming an SSH connexion. default settings timing out and assuming an SSH connection.
To support OpenVPN connexions reliably, it is necessary to To support OpenVPN connections reliably, it is necessary to
increase `sslh`'s timeout to 5 seconds. increase `sslh`'s timeout to 5 seconds.
Instead of using OpenVPN's port sharing, it is more reliable Instead of using OpenVPN's port sharing, it is more reliable
@ -396,8 +396,8 @@ Fail2ban
If using transparent proxying, just use the standard ssh If using transparent proxying, just use the standard ssh
rules. If you can't or don't want to use transparent rules. If you can't or don't want to use transparent
proxying, you can set `fail2ban` rules to block repeated ssh proxying, you can set `fail2ban` rules to block repeated ssh
connections from a same IP address (obviously this depends connections from an IP address (obviously this depends
on the site, there might be legimite reasons you would get on the site, there might be legitimate reasons you would get
many connections to ssh from the same IP address...) many connections to ssh from the same IP address...)
See example files in scripts/fail2ban. See example files in scripts/fail2ban.