On Mon, 2010-03-29 at 16:13 -0400, Matt Van Mater wrote: > Hello all, > > I have Pound set up to listen on a single IP address for HTTPS connections > and then based on the Service's HeadRequire section I redirect the > connection to a port on localhost, then I have Stunnel re-encrypt it and > send it to the appropriate backend server (either a WebDAV server or an > OpenVPN server). > > The WebDAV works like a champ and the OpenVPN AS lets me logon to their user > page and download the pre-configured client, but I think the OpenVPN client > communications are getting dumped because it is not HTTP RFC compliant. > > 1) Is there any way to tell Pound to NOT sanitize inbound communications > (preferably at the Service level)? I would like to tell pound to pass > anything with a hostheader containing "vpn" back to my OpenVPN box.
No there is no way. Pound must understand the HTTP requests, which means they really must be requests. > 2) How can I confirm that Pound is doing what I'm guessing above? (I've > turned the logging up to 5 and don't see it denying connections or otherwise > complaining in /var/log/daemon like I would expect) Rejected requests are logged. If they go to /var/log/daemon or somewhere else depends on your syslog configuration. -- Robert Segall Apsis GmbH Postfach, Uetikon am See, CH-8707 Tel: +41-32-512 30 19 -- To unsubscribe send an email with subject unsubscribe to [email protected]. Please contact [email protected] for questions.
