[stunnel-users] xforwardedfor in config

• Previous message (by thread): [stunnel-users] xforwardedfor in config
• Next message (by thread): [stunnel-users] 2 secure sockets TCP (Server / Client) as posted earlier last month by khaled
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Yeah ... It was an HAProxy patch for stunnel ... thanks!

-----Original Message-----
From: Brian Hatch [mailto:bri at stunnel.org] 
Sent: Saturday, February 02, 2008 4:14 PM
To: Jill Rochelle
Cc: stunnel-users at mirt.net
Subject: Re: [stunnel-users] xforwardedfor in config

Around 2008-01-31 16:58 -0500, Jill Rochelle growled:

> I am new to stunnel and the ssl world.  I'm trying to get stunnel to work
> with haproxy for load balancing https requests.  In the haproxy
> documentation it says that the stunnel.conf should look like this
> 
>     cert=/etc/stunnel/stunnel.pem
>     setuid=stunnel
>     setgid=proxy
>  
>     socket=l:TCP_NODELAY=1
>     socket=r:TCP_NODELAY=1
>  
>     [https]
>     accept=192.168.1.1:443
>     connect=192.168.1.1:80
>     xforwardedfor=yes

You're probably reading documentation from someone who's patched
stunnel to support X-Forwarded-For.

Quick google finds the following in some haproxy documentation
above a snippet like yours:


"By default, stunnel does not process HTTP and does not add any
 X-Forwarded-For header, but there is a patch on the official
 haproxy site to provide this feature to recent stunnel versions."

I'd suggest you find and apply that patch if that's the road 
down which you wish to go.

-- 
Brian Hatch                  What's the best remote
   Systems and                administration tool for
   Security Engineer          Microsoft Windows?
http://www.ifokr.org/bri/    A car.

Every message PGP signed

• Previous message (by thread): [stunnel-users] xforwardedfor in config
• Next message (by thread): [stunnel-users] 2 secure sockets TCP (Server / Client) as posted earlier last month by khaled
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]