[stunnel-users] RFC: purge use of keyword 'transparent'

• Previous message (by thread): [stunnel-users] RFC: purge use of keyword 'transparent'
• Next message (by thread): [stunnel-users] RFC: purge use of keyword 'transparent'
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Am 07.01.2011 03:26, schrieb oscaruser at programmer.net:
> Folks,
>
> After searching, installing various Linuces (in the 2.6 family), e.g. 
> CentOS, Ubuntu, and so on, I have not been able to get transparent 
> proxy working at all. As such since it the function does not work, and 
> there is great debate as to whether it ever worked, I would like to 
> propose that this keyword and reference to its function be discarded 
> entirely. This will save many folks a great deal of time and effort 
> attempting to try and get it to work, myself having spent over 80 
> hours (including my precious holiday time) trying to dig, scratch, 
> research up old posts that say it works or someone has it working 
> under such and such a configuration! The documentation itself has 
> folks claiming that it works and does not, which is really a bad 
> practice. Why did you perpetuate this option in the first place?!
>
> I hope you see the importance and reason with my request and act 
> immediately.
>
>  ... Unless someone really really does have it working.
>
>
> Thank you
>
>
> _______________________________________________
> stunnel-users mailing list
> stunnel-users at mirt.net
> http://stunnel.mirt.net/mailman/listinfo/stunnel-users

While I have not even tried to use the "transparent" function (stunnel 
runs on Windows in our environment, where "transparent" is not 
supported), I would like to add my two cents: For a ssl tunnel solution 
like stunnel, a "transparent" option is a very basic necessity. Having 
all connections to the application come from 127.0.0.1 makes trouble 
shooting and auditing very problematic. Therefore, transparent 
operations should be the default, not an afterthought only available on 
one platform.

I therefore counter-propose to make this option work, and make it work 
on all supported platforms. While I know that this will probably not be 
possible, since it would require a lot of programming work to be done, I 
nevertheless wanted to make it clear, that this option is not 
unnecessary and should not be simply discarded.


Greetings
Markus Borst


-- 
TU Darmstadt
Hochschulrechenzentrum (HRZ)
Markus Borst
Adresse: 	Petersenstrasse 30, 64287 Darmstadt, Germany
Tel.: 	06151/16-2056
Email: 	M.Borst at hrz.tu-darmstadt.de

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20110107/0c10f296/attachment.html>

• Previous message (by thread): [stunnel-users] RFC: purge use of keyword 'transparent'
• Next message (by thread): [stunnel-users] RFC: purge use of keyword 'transparent'
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]