[stunnel-users] older browsers, stunnel and privoxy
kovacs janos
kovacsjanosfasz at gmail.com
Sun Dec 9 14:30:34 CET 2018
i mean a proxy that can work with the address of the actual website
opened in the browser, not just specific addresses defined in the
config file.
at least i thought thats what you meant with this:
"In case of client (browser), for each remote (https) server to be
connected to, stunnnel config file will need an entry;
in browser it will not be possible to use DNS names (all servers will
have to be addressed as 127.0.0.1:someport
where "someport", is port assigned in stunnel conf server entry accept
statement), so most links in webpages will not work."
if stunnel can only work with specified addresses, cant a proxy like
privoxy be set up at both ends, and stunnel only has to accept and
connect to the address of the proxies?
On 12/9/18, Yyy <yyy at yyy.id.lv> wrote:
> What do you mean by dynamic address proxy?
>
> On December 8, 2018 12:39:26 AM EET, kovacs janos
> <kovacsjanosfasz at gmail.com> wrote:
>>if stunnel can only accept from and forward to one address, cant that
>>be went around by setting a dynamic address proxy on both sides of
>>stunnel? like:
>>proxy - stunnel - proxy
>>
>>although i havent been able to connect to even a single website, but i
>>didnt try with specifically the IP
>>
>>On 12/7/18, yyy <yyy at yyy.id.lv> wrote:
>>>
>>> ----- Original Message -----
>>> From: "kovacs janos" <kovacsjanosfasz at gmail.com>
>>> To: "Flo Rance" <trourance at gmail.com>
>>> Cc: <stunnel-users at stunnel.org>
>>> Sent: Friday, December 07, 2018 2:30 AM
>>> Subject: Re: [stunnel-users] older browsers, stunnel and privoxy
>>>
>>>
>>>> now im really not sure, since the wikipedia page on stunnel also
>>>> describes the program doing exactly what i need in the Example
>>>> scenario section:
>>>> https://en.wikipedia.org/wiki/Stunnel#Example_scenario
>>>>
>>>> "Network traffic from the client initially passes over SSL to the
>>>> stunnel application, which transparently encrypts/decrypts traffic
>>and
>>>> forwards unsecured traffic to port 25 locally. The mail server sees
>>a
>>>> non-SSL mail client. "
>>>>
>>>> only difference is, i need it to forward "unsecured traffic" to my
>>>> browser client, not a server. are you all sure its really not
>>>> possible?
>>>>
>>> It is possible with the same limitiations as with server case.
>>> In case of server, there is one server, which accepts incoming
>>connections
>>> (unencrypted) and stunnel accepts unencrypted
>>> connections for that (one) server and decrypts and forwards them.
>>There is
>>> only one server, which gets connected by stunnel.
>>>
>>> In case of client (browser), for each remote (https) server to be
>>connected
>>> to, stunnnel config file will need an entry;
>>> in browser it will not be possible to use DNS names (all servers will
>>have
>>> to be addressed as 127.0.0.1:someport
>>> where "someport", is port assigned in stunnel conf server entry
>>accept
>>> statement), so most links in webpages will not work.
>>> It may be feasible for small number of servers, which does not links
>>any
>>> external resources.
>>>
>>> _______________________________________________
>>> stunnel-users mailing list
>>> stunnel-users at stunnel.org
>>> https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
>>>
>
> --
> Sent from my Android device with K-9 Mail. Please excuse my brevity.
More information about the stunnel-users
mailing list