IP over HTTP?

Ulrich Spoerlein uspoerlein at gmail.com
Mon Aug 20 08:42:56 PDT 2007


On Thu, 16.08.2007 at 13:22:39 +0200, Oliver Fromme wrote:
> Note, however, that some HTTP proxies are configured to
> disallow connections to arbitrary ports, for security
> reasons.  If that's the case for you, run your sshd server
> on port 443 which should always be allowed by proxies
> (only possible if you don't already run a HTTPS server
> on port 443, of course).

If your company has a limited set of external IPs it's probably better
to redirect port 443 than to abandon HTTPS (whatever happened to HTTP +
STARTTLS, btw?)

pf.conf:
rdr on $ext_if proto tcp from $company to any port 443 -> ($ext_if) port 22

Cheers,
Ulrich Spoerlein
-- 
It is better to remain silent and be thought a fool,
than to speak, and remove all doubt.

