[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: man-in-the-middle

On Thu, Oct 07, 2004 at 05:37:52AM -0700, Mike Mestnik wrote:

> Sorry, squid uses NFS for remote storage.  This is not like being an NFS
> server, that a client could connect to.  Since there is no way for a
> client to connect, how would squid know it should connect to a server if
> it even could?  If there's a patch or hack, I don't think debian will be
> shiping it in the squid package.

Squid (or most any other https proxy) can usually be set up to tunnel
aribitrary TCP streams, assuming it allows users to specify port
numbers, like https://www.example.com:4000/

The only thing needed is to send the appropriate CONNECT string after
the connect to squid is opened. After the CONNECT string, squid just
passes bytes back and forth.

I'm not sure I understand the original problem...  Two hosts configured
to be on seperate subnets but on the same wire? Two hosts with some kind
of layer 2 device blocking connectivity between them but on the same


Reply to: