third-party-mirrors/sslh
1
0
Fork 0
mirror of https://github.com/yrutschle/sslh.git synced 2025-04-04 19:30:04 +03:00
Code Issues Packages Projects Releases Wiki Activity
848 Commits 3 Branches 40 Tags
Commit Graph

848 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Yves Rutschle
951b708f61 clarify UDP will not be supported in sslh-fork in the future 2025-03-09 09:44:15 +01:00
Yves Rutschle
5a0897c5cb refactor: connect_addr() update the *cnx object upon connecting to backend server, instead of each caller doing it 2025-03-09 09:43:41 +01:00
Yves Rutschle
7a6673a877 merged proxyprotocol linking 2025-02-21 21:03:59 +01:00
yrutschle
3ebdca5e96 document move of libraries to autoconf detection 2025-02-19 09:28:49 +01:00
yrutschle
22a8ba9ef5 move libbsd support to autoconf detection 2025-02-19 09:25:59 +01:00
yrutschle
dcfa3fa2db move libcap support to autoconf detection 2025-02-19 09:01:01 +01:00
yrutschle
fabf0a121c actually include config.h 2025-02-19 08:59:17 +01:00
yrutschle
3a1c31d8cb move tcp wrapper support to autoconf detection 2025-02-18 10:09:12 +01:00
Yves Rutschle
e527b8e588 libproxyprotocol: add test and options to link the library if present 2025-02-01 10:12:04 +01:00
Yves Rutschle
a2b4da8483 fix #486: do not return prematurely when accept fails 2025-02-01 09:21:19 +01:00
Yves Rutschle
710807fd3b Fix possible file descriptor leak (fix #485) 2025-01-05 18:37:12 +01:00
Yves Rutschle
2e9f23a2f4 remove unix socket before binding 2024-12-23 17:25:40 +01:00
Yves Rutschle
bf082292c2 new is_unix field to create listen unix sockets 2024-12-22 23:54:14 +01:00
Yves Rutschle
59d89e34f0 refactor: move inet code to its own function 2024-12-22 21:58:51 +01:00
Yves Rutschle
cac7f48fa7 new is_unix field to connect to unix socket target servers 2024-12-22 16:17:47 +01:00
Yves Rutschle
9e6b4fae29 refactor: isolate inet connection 2024-12-22 00:06:54 +01:00
Yves Rutschle
16ef412663 use current tag when exporting an archive (fix #481) 2024-12-09 22:37:06 +01:00
Yves Rutschle
5f55f7d76a SOL_IP is Linux-specific, replace with portable IPPROTO_IP (fix #481) 2024-12-08 21:49:04 +01:00
Yves Rutschle
9243a6e369 check asprintf return value (fix #471) 2024-09-08 23:11:50 +02:00
Yves Rutschle
686d1f7cb6 refactor close stdin,out,err to own function and clarify the comment 2024-09-08 17:12:49 +02:00
ftasnetamot
e7a9a37624 changed SSL to TLS in sslh.pod initial description 2024-09-08 16:56:50 +02:00
ftasnetamot
7d41760f9a spellcheck correction, man-page, modified debian-sys-v-startscript 2024-09-08 16:56:50 +02:00
ftasnetamot
4def95865c still testing, as on i watched reusing fd 0 2024-09-08 16:56:50 +02:00
ftasnetamot
109052fdc7 Updated PR as discussion in issue 468 , currently ony for testing 2024-09-08 16:56:50 +02:00
ftasnetamot
d6bb000115 close std-filehandles when daemonize 2024-09-08 16:56:50 +02:00
ftasnetamot
18a9a882f5 Added some clarifications to scenario 3 
added information about iproute 2
 2024-08-15 23:07:26 +02:00
ftasnetamot
acdbb79d43 include version.h in repo 
Many code checking editors, marking the common.h as erroneous, as
version.h is missing. This can lead to confusion.
Change in Makefile.in with fake empty dependency ensures, that version.h
is recreated at every "make"
Another change in make clean, makes sure, that at this point a stub
version.h is generated.

version.h removed from .gitignore
 2024-08-15 23:06:46 +02:00
ftasnetamot
1fd072837b added forgotten link to cloudflare blog. Without this link, the wording 
maked no sense.
 2024-08-15 23:04:18 +02:00
ftasnetamot
a34f34917a Documentation, why Daisy-Chaining IP-Transparent 
applications will fail. Discuss this in some examples.
 2024-08-15 23:04:18 +02:00
ftasnetamot
d6041c93c4 added missing 3rd argument to CHECK_RES_RESULT 2024-08-15 23:02:54 +02:00
ftasnetamot
2e2701de55 Changed a CHECK_RES_DIE to CHECK_RES_RETURN, as the real problem will 
occur at connect!
 2024-08-15 23:02:54 +02:00
ftasnetamot
70a9b97f81 optimized setsockopt() options for better 
cooperation between different transparent-ip applications.
See: https://blog.cloudflare.com/how-to-stop-running-out-of-ephemeral-ports-and-start-to-love-long-lived-connections
for an explanation for those changes.
 2024-08-15 23:02:54 +02:00
ftasnetamot
72a4376248 Enhance documentation about compiling; 
make disabling landlock in Makefile possible, as single point of
configuration
 2024-08-15 22:58:54 +02:00
Yves Rutschle
316e9a1863 fix documentation on verboseness (#452) 2024-07-10 15:41:49 +02:00
Yves Rutschle
c892fc4b34 add short for verbose; remove config debug printing 2024-07-10 15:37:34 +02:00
Yves Rutschle
b619f5bf36 add a verbose option that overrides all others 2024-07-10 15:31:55 +02:00
Yves Rutschle
06b7d7ed14 add reference to libwrap in example configuration (fix #418) 2024-06-26 19:19:03 +02:00
Yves Rutschle
a222ea2c99 update Changelog v2.1.3 v2.1.4 2024-06-26 19:17:48 +02:00
yrutschle
eb84c6a55b add libwrap files to landlock read list (fix #450) 2024-06-17 23:00:16 +02:00
yrutschle
93ab4f1e3a refactor in smaller functions 2024-06-17 22:54:52 +02:00
Yves Rutschle
5e252bb3f6 add links to ip-routing transparent proxying 2024-06-12 09:40:33 +02:00
ftasnetamot
d6265e2c50 Added svg file 
corrected link to the diagram in md file
 2024-06-11 21:40:06 +02:00
ftasnetamot
e1229dca28 updated picture, as png export failed in workflow before :-( 2024-06-09 17:21:04 +02:00
ftasnetamot
06e697e029 removed the warning regards kernel forwarding, 
as this is also not necessary.
Updated text and picture
 2024-06-09 17:21:04 +02:00
ftasnetamot
0bb3286a7d corrected broken style of connection arrows 
in the diagram showing the scenarios
 2024-06-09 17:21:04 +02:00
ftasnetamot
2fd9ea600a Added another file, discussing three possible setup scenarios, which 
should cover up all setups.

Changes to be committed:
  new file:   scenarios-for-simple-transparent-proxy.md
  modified:   simple_transparent_proxy.md
  new file:   sslh-examples-v1.png
 2024-06-09 17:21:04 +02:00
ftasnetamot
f4eea875e2 drastically reduced the configuration by putting all the magic into the interface-configuration 2024-06-04 21:04:56 +02:00
ftasnetamot
e8934f7a81 some more scenarios, how the simple configuration can be used. 2024-06-04 21:04:56 +02:00
ftasnetamot
8271db2d9d Add the description of a simple transparent proxy without the need of iptables/nftables and loopback routing. 
Explain how all that works.
 2024-06-02 14:26:50 +02:00
Yves Rutschle
995916c923 update history 2024-05-25 16:22:47 +02:00