Burton Strauss wrote: >OK, but that test really doesn't test anything. If stunnel does it's thing, it's >transparent. > >The flaw could be in one of TWO places... > >1) ntop's implementation may not be able to handle the request as it's coming from >those two browsers - for example, it could be a deadlock (esp as it seems to be in >the second request - maybe the browser is trying to open a 2nd connection before the >1st is completed...) > >2) The browser may be sending an invalid request for https: but not http: (i.e. a >different path internal to the browser code) (Since your test is http:, it wouldn't >test this). > > Yes, it would! I'm connecting my browser to "https://<IP>:<STUNNELPORT>". Stunnel is listening on that port, strips off the SSL shit and forwards the data to the port on which ntop is listening. Ergo, my browser *is* using https, and therefore using a possible different internal path.
Maybe I didn't explain my setup properly. It's *not* stunnel that sets up a SSL connection with the server (i.e. to ntop's SSL), the client sets up a SSL connection to stunnel (i.e. https: in the browser), which sets up a "normal" (i.e. http:) connection to ntop. >-----Burton > > -- Mike. _______________________________________________ Ntop mailing list [EMAIL PROTECTED] http://listgateway.unipi.it/mailman/listinfo/ntop
