Re: iptables port forwarding
--On 12 November 2002 20:59 +1100 Rob Weir <firstname.lastname@example.org> wrote:
On Mon, Nov 11, 2002 at 03:22:14PM +0000, Siraj 'Sid' Rakhada wrote:
I live behind such a fascist firewall, but as I don't use port 443 on my
home lan, I have redirected that host to elsewhere. It's probably better
anyway, as some sites trap port 80 traffic and make it go via a web
proxy (though the 443 solution is not immune either).
Isn't 'most' https traffic an encrypted, binary stream. Aside from
initial negotiation, I guess. How can this be transparently proxied?
How would it even be useful, since the data is encrypted and cannot be
Yes - you're quite right. I wasn't thinking straight. https uses the
I only thought it might be useful for firewall controllers to force maybe
only certain urls to be allowed via a super-fascist proxy, etc. etc. But
now we're into realms of pointlessness so I'll shut up ;)