Hello, I'm interested in configuring stunnel and shorewall to allow a local non-TLS Web browser to receive pages from a remote server providing only HTTPS. My intention is for the non-TLS browser to address http://www.stunnel.org:954/ and receive the page from https://www.stunnel.org:443/ . Port 954 was chosen because, according to https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers , it is not assigned.
The browser should continue to receive http://shorewall.net/ without port translation. I.e. http://shorewall.net/ would mean http://shorewall.net:80/ . In my limited understanding, https://www.stunnel.org/static/stunnel.html suggests this configuration and iptables usage.

    ; /etc/stunnel/stunnel.conf
    [transparent]
    client = yes
    accept = 127.0.0.1:954
    transparent = destination

    # iptables commands.
    /sbin/iptables -I INPUT -i eth0 -p tcp --dport 954 -j ACCEPT
    /sbin/iptables -t nat -I PREROUTING -p tcp --dport 443 \
      -i eth0 -j DNAT --to-destination 127.0.0.1:954

I need help with shorewall configuration equivalent to the two commands. A DNAT rule must be needed but help is needed with specifics.

Thanks, ... Peter E.

--
123456789 123456789 123456789 123456789 123456789 123456789 123456789
Tel: +1 360 639 0202 Pender Is.: +1 250 629 3757
http://easthope.ca/Peter.html Bcc: peter at easthope. ca
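
A Shorewall rendering of the two iptables commands in the message above, added here as an example; it is not part of the original post and not taken from the Shorewall or stunnel documentation. It assumes a zone named net is bound to eth0 in /etc/shorewall/interfaces (the zone name is an assumption); the ports and the 127.0.0.1 address are the ones given in the message.

```conf
# /etc/shorewall/rules  (added example; place these in the NEW section)
# Assumption: zone "net" is the zone attached to eth0.
#
#ACTION   SOURCE   DEST                 PROTO   DPORT

# Mirrors: iptables -I INPUT -i eth0 -p tcp --dport 954 -j ACCEPT
ACCEPT    net      $FW                  tcp     954

# Mirrors: iptables -t nat -I PREROUTING -p tcp --dport 443 \
#            -i eth0 -j DNAT --to-destination 127.0.0.1:954
# DEST is zone:address:port; DPORT is the port before translation.
DNAT      net      $FW:127.0.0.1:954    tcp     443
```

Shorewall generates the filter-table ACCEPT for a DNAT rule's translated destination itself, so the explicit ACCEPT line is there only to mirror the first command. Linux treats packets rewritten to 127.0.0.0/8 that arrived on a non-loopback interface as martians unless net.ipv4.conf.eth0.route_localnet is set to 1.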