wiki.matoken.org

ユーザ用ツール

サイト用ツール

トレース: sslh

サイドバー

最新の10件
一覧
linux:sslh

目次

SSLH

Debian pkg

$ sudo apt install sslh
$ dpkg-query -W sslh
sslh    1.20-1
$ /sbin/sslh -h
/sbin/sslh: option '-http' requires an argument
sslh 1.20-1
usage:
        sslh  [-v] [-i] [-V] [-f] [-n] [--transparent] [-F<file>]
        [-t <timeout>] [-P <pidfile>] [-u <username>] [-C <chroot>] -p <addr> [-p <addr> ...] 
        [--ssh <addr>]
        [--openvpn <addr>]
        [--tinc <addr>]
        [--xmpp <addr>]
        [--http <addr>]
        [--tls <addr>]
        [--adb <addr>]
        [--socks5 <addr>]
        [--anyprot <addr>]


        [--on-timeout <addr>]
-v: verbose
-V: version
-f: foreground
-n: numeric output
-u: specify under which user to run
-C: specify under which chroot path to run
--transparent: behave as a transparent proxy
-F: use configuration file (warning: no space between -F and file name!)
--on-timeout: connect to specified address upon timeout (default: ssh address)
-t: seconds to wait before connecting to --on-timeout address.
-p: address and port to listen on.
    Can be used several times to bind to several addresses.
--[ssh,ssl,...]: where to connect connections from corresponding protocol.
-P: PID file.
-i: Run as a inetd service.
$ /sbin/sslh -V
sslh-fork 1.20-1

192.0.2.100:443 で受けて,sshは 127.0.0.1:22 へ sslは 127.0.0.1:443 に転送する例. 

$ sudo vi /etc/default/sslh
$ sudo git diff default/sslh
diff --git a/default/sslh b/default/sslh
index fac2298..df9e55a 100644
--- a/default/sslh
+++ b/default/sslh
@@ -5,4 +5,4 @@
 # systemd users: don't forget to modify /lib/systemd/system/sslh.service
 DAEMON=/usr/sbin/sslh
 
-DAEMON_OPTS="--user sslh --listen <change-me>:443 --ssh 127.0.0.1:22 --ssl 127.0.0.1:443 --pidfile /var/run/sslh/sslh.pid"
+DAEMON_OPTS="--user sslh --listen 192.0.2.100:443 --ssh 127.0.0.1:22 --ssl 127.0.0.1:443 --pidfile /var/run/sslh/sslh.pid"

v1.22c build

$ git clone https://github.com/yrutschle/sslh
$ cd sslh
$ git switch v1.22c
$ make
$ find ./* -executable -type f -ls
   518759     68 -rwxr-xr-x   1 matoken  matoken     66240  7月  2 18:45 ./echosrv
   518736      4 -rwxr-xr-x   1 matoken  matoken      1482  7月  1 22:30 ./genver.sh
   518785      4 -rwxr-xr-x   1 matoken  matoken      1017  7月  1 22:30 ./scripts/etc.init.d.sslh
   518786      4 -rwxr-xr-x   1 matoken  matoken      1709  7月  1 22:30 ./scripts/etc.rc.d.init.d.sslh.centos
   518754    200 -rwxr-xr-x   1 matoken  matoken    204704  7月  2 18:45 ./sslh-fork
   518756    208 -rwxr-xr-x   1 matoken  matoken    210412  7月  2 18:45 ./sslh-select
   518739     20 -rwxr-xr-x   1 matoken  matoken     19029  7月  1 23:20 ./t
   518742      4 -rwxr-xr-x   1 matoken  matoken      3713  7月  1 23:20 ./t_load
$ ./sslh-fork -h
sslhcfg: invalid option "-h"
 [-fin] [-F <file>] [-v <n>] [--transparent] [-t <n>] [-u <str>] [-P <file>] [-C <path>] [--syslog-facility=<str>] [--on-timeout=<str>] [-p <host:port>]... [--ssh=<host:port>]... [--tls=<host:port>]... [--openvpn=<host:port>]... [--tinc=<host:port>]... [--xmpp=<host:port>]... [--http=<host:port>]... [--adb=<host:port>]... [--socks5=<host:port>]... [--anyprot=<host:port>]...
  -F, --config=<file>           Specify configuration file
  -v, --verbose=<n>        
  -f, --foreground              Run in foreground instead of as a daemon
  -i, --inetd                   Run in inetd mode: use stdin/stdout instead of network listen
  -n, --numeric                 Print IP addresses and ports as numbers
  --transparent                 Set up as a transparent proxy
  -t, --timeout=<n>             Set up timeout before connecting to default target
  -u, --user=<str>              Username to change to after set-up
  -P, --pidfile=<file>          Path to file to store PID of current instance
  -C, --chroot=<path>           Root to change to after set-up
  --syslog-facility=<str>       Facility to syslog to
  --on-timeout=<str>            Target to connect to when timing out
  -p, --listen=<host:port>      Listen on host:port
  --ssh=<host:port>             Set up ssh target
  --tls=<host:port>             Set up TLS/SSL target
  --openvpn=<host:port>         Set up OpenVPN target
  --tinc=<host:port>            Set up tinc target
  --xmpp=<host:port>            Set up XMPP target
  --http=<host:port>            Set up HTTP (plain) target
  --adb=<host:port>             Set up ADB (Android Debug) target
  --socks5=<host:port>          Set up socks5 target
  --anyprot=<host:port>         Set up default target

error

sslh-conf.c:42:10: fatal error: pcreposix.h: No such file or directory

$ make
Makefile:74: warning: ignoring prerequisites on suffix rule definition
./genver.sh >version.h
cc -Wall -g  -DENABLE_REGEX -DLIBPCRE -DLIBCONFIG -c sslh-conf.c
sslh-conf.c:42:10: fatal error: pcreposix.h: No such file or directory
   42 | #include <pcreposix.h>
      |          ^~~~~~~~~~~~~
compilation terminated.
make: *** [Makefile:74: sslh-conf.o] Error 1
$ sudo apt install libpcre3-dev
$ make

コメント

コメントを入力. Wiki文法が有効です: 
  _____   ___   ____  __  __   ____
 / ___/  / _ \ / __ \ \ \/ /  / __/
/ /__   / // // /_/ /  \  /  / _/  
\___/  /____/ \___\_\  /_/  /_/
 
linux/sslh.txt · 最終更新: 2022/07/02 21:20 (外部編集)

ページ用ツール

特に明示されていない限り、本Wikiの内容は次のライセンスに従います: CC Attribution-Noncommercial-Share Alike 4.0 International
CC Attribution-Noncommercial-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Run on Debian Driven by DokuWiki