[112727] in North American Network Operators' Group
Re: Anyone using any Linux SSL proxies?
daemon@ATHENA.MIT.EDU (Stuart Henderson)
Sun Mar 15 18:53:54 2009
To: nanog@nanog.org
From: Stuart Henderson <stu@spacehopper.org>
Date: Sun, 15 Mar 2009 22:53:14 +0000 (UTC)
X-Complaints-To: usenet@ger.gmane.org
Errors-To: nanog-bounces@nanog.org
On 2009-03-15, Mike Lyon <mike.lyon@gmail.com> wrote:
> Howdy,
>
> I am wondering what folks are recommending/using these days for Linux SSL
> proxies? I need to build a linux box that basically acts as an SSL offloader
> would (like a BigIP / Cisco ACE / Netscaler would do). Listen on port 443,
> decrypt the SSL and then forward the request onto the webserver on port 80.
Pound works ok for this. OpenBSD's relayd also supports this, and if it's
on a machine in the network path in front of the backend server/s, there's
a transparent mode that maintain the source IP address from the original
connection.
> DSR is not required.
Just as well, if you think about it... :-)
