shorewall-users April 2012 archive
Main Archive Page > Month Archives  > shorewall-users archives
shorewall-users: Re: [Shorewall-users] proxy transparent

Re: [Shorewall-users] proxy transparent

From: Tom Eastep <teastep_at_nospam>
Date: Tue Apr 17 2012 - 04:26:16 GMT
To: shorewall-users@lists.sourceforge.net

On 4/16/12 7:18 PM, Tom Eastep wrote:
> On 4/16/12 7:07 PM, troxlinux wrote:
>> 2012/4/16 troxlinux <xserverlinux@gmail.com>:
>>>
>>
>> but it doesn't work me the https
>>
>
> We are not going to be able to help you until you follow the problem
> reporting guidelines at http://www.shorewall.net/support.htm#Guidelines.

Never mind.

You cannot transparently proxy HTTPS -- think about it; would you want
to trust your private data to a protocol where a process in the middle
could read everything going back and fourth on the connection?

The data is encrypted! So a proxy can't understand what URL the client
is requesting -- understand?

-Tom

Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________

------------------------------------------------------------------------------
Better than sec? Nothing is better than sec when it comes to
monitoring Big Data applications. Try Boundary one-second
resolution app monitoring today. Free.
http://p.sf.net/sfu/Boundary-dev2dev

_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users