Open studio501 opened 3 years ago
If you want SSLproxy to listen on multiple ports, you should repeat the same proxyspec for each port, e.g.:
sslproxy -e ipfw -k ca.key -c ca.crt ssl 127.0.0.1 8080 up:9903
sslproxy -e ipfw -k ca.key -c ca.crt ssl 127.0.0.1 8081 up:9903
...
sslproxy -e ipfw -k ca.key -c ca.crt ssl 127.0.0.1 8089 up:9903
Sorry, I cannot understand the rest of the question. But I guess the Mode of Operation diagram on the README page could help.
thank you very much, I'll try that
Hello, I am very new to this repo. I would like to know: what if the client port changes each time I start the app? How am I supposed to know the exact port I would like to forward to? Is there a wildcard character I can use in the sslproxy command, e.g.:
sslproxy -e ipfw -k ca.key -c ca.crt ssl 127.0.0.1 808* up:9903
Or how can I make the client port static?
And yes, I am confused about whether the sslproxy forwarding should work at the very beginning of the client-server handshake, or whether it can work in the middle of the communication as well.
sslproxy -V
Copyright (c) 2017-2020, Soner Tari sonertari@gmail.com
https://github.com/sonertari/SSLproxy
Copyright (c) 2009-2019, Daniel Roethlisberger daniel@roe.ch
https://www.roe.ch/SSLsplit
Build info: V:GIT
Features: -DHAVE_DARWIN_LIBPROC
NAT engines: -
Local process info support: yes (Darwin libproc)
compiled against OpenSSL 1.1.1g 21 Apr 2020 (1010107f)
rtlinked against OpenSSL 1.1.1g 21 Apr 2020 (1010107f)
OpenSSL has support for TLS extensions
TLS Server Name Indication (SNI) supported
OpenSSL is thread-safe with THREADID
OpenSSL has engine support
Using SSL_MODE_RELEASE_BUFFERS
SSL/TLS protocol availability: tls10 tls11 tls12 tls13
SSL/TLS algorithm availability: !SHA0 RSA DSA ECDSA DH ECDH EC
OpenSSL option availability: SSL_OP_NO_COMPRESSION SSL_OP_NO_TICKET SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION SSL_OP_TLS_ROLLBACK_BUG
compiled against libevent 2.1.11-stable
rtlinked against libevent 2.1.11-stable
compiled against libnet 1.2
rtlinked against libnet 1.2
compiled against libpcap n/a
rtlinked against libpcap 1.8.1 -- Apple version 79.20.1
compiled against sqlite 3.19.3
rtlinked against sqlite 3.19.3
12 CPU cores detected