Hmm. Can you give a few example rejected requests (so I can grep the logs and try to find them)?
On Tue, Mar 30, 2010 at 10:50 AM, Robert Segall <ro...@apsis.ch> wrote: > On Mon, 2010-03-29 at 16:13 -0400, Matt Van Mater wrote: > > Hello all, > > > > I have Pound set up to listen on a single IP address for HTTPS > connections > > and then based on the Service's HeadRequire section I redirect the > > connection to a port on localhost, then I have Stunnel re-encrypt it and > > send it to the appropriate backend server (either a WebDAV server or an > > OpenVPN server). > > > > The WebDAV works like a champ and the OpenVPN AS lets me logon to their > user > > page and download the pre-configured client, but I think the OpenVPN > client > > communications are getting dumped because it is not HTTP RFC compliant. > > > > 1) Is there any way to tell Pound to NOT sanitize inbound communications > > (preferably at the Service level)? I would like to tell pound to pass > > anything with a hostheader containing "vpn" back to my OpenVPN box. > > No there is no way. Pound must understand the HTTP requests, which means > they really must be requests. > > > 2) How can I confirm that Pound is doing what I'm guessing above? (I've > > turned the logging up to 5 and don't see it denying connections or > otherwise > > complaining in /var/log/daemon like I would expect) > > Rejected requests are logged. If they go to /var/log/daemon or somewhere > else depends on your syslog configuration. > -- > Robert Segall > Apsis GmbH > Postfach, Uetikon am See, CH-8707 > Tel: +41-32-512 30 19 > > > -- > To unsubscribe send an email with subject unsubscribe to po...@apsis.ch. > Please contact ro...@apsis.ch for questions. > -- To unsubscribe send an email with subject unsubscribe to po...@apsis.ch. Please contact ro...@apsis.ch for questions.
