Friday 11 February 2005 11:07 - Michael Thompson <[EMAIL PROTECTED]> wrote:
> I have an issue where I cannot connect to my server because the
> firewall only allows ports 80 and 443 out.
>
> I previously ran SSH on port 443 to overcome this, but I have had
> to implement a HTTPS solution for users who wanted secure access,
> so that is now gone.
>
> This system has DNS records for ssh.server.co.uk and
> www.server.co.uk, so can I use IPTables or similar to recognise if
> it is being connected to via ssh.server.co.uk on port 443 and
> forward the traffic to port 22? If www.server.co.uk:443 is used
> Apache gets the traffic? Or is this (as I suspect) impossible?
>
You could use the string-matching target patch at netfilter.org here:

http://www.netfilter.org/patch-o-matic/pom-extra.html

It will match strings within the packet -- I have not yet tried to use this, although I suspect you could use this to parse SSH/HTTPS requests to their appropriate destinations. Also, be careful of the possible performance hit.

_k
--
gentoo-user@gentoo.org mailing list
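
The payload difference the reply proposes matching on, as an added example that is not part of the original thread: a classifier for the first bytes a client sends on a shared port. It assumes the SSH client sends its identification string without waiting for the server's banner; the function name, constants and sample byte strings are constructed for illustration.

```python
# Added example: classify a connection's opening client bytes as SSH or TLS.
TLS_HANDSHAKE = 0x16        # TLS record content type "handshake"
CLIENT_HELLO = 0x01         # handshake message type "ClientHello"
MAX_RECORD = 2 ** 14        # largest TLSPlaintext record length
SSH_PREFIX = b"SSH-"        # RFC 4253 identification string prefix


def classify(first_bytes: bytes) -> str:
    """Return 'ssh', 'tls', 'need-more' or 'unknown'."""
    if not first_bytes:
        return "need-more"
    head = first_bytes[:4]
    if head == SSH_PREFIX[:len(head)]:
        # Format: SSH-<protoversion>-<softwareversion>...CR LF
        rest = first_bytes[4:]
        if b"-" not in rest:
            # Longest accepted protoversion is "1.99" (4 bytes).
            return "need-more" if len(rest) <= 4 else "unknown"
        version = rest.split(b"-", 1)[0]
        return "ssh" if version in (b"2.0", b"1.99") else "unknown"
    if first_bytes[0] == TLS_HANDSHAKE:
        # 5-byte record header, then the handshake message type.
        if len(first_bytes) < 6:
            return "need-more"
        major, minor = first_bytes[1], first_bytes[2]
        length = int.from_bytes(first_bytes[3:5], "big")
        if major != 3 or minor > 4 or not 0 < length <= MAX_RECORD:
            return "unknown"
        return "tls" if first_bytes[5] == CLIENT_HELLO else "unknown"
    return "unknown"


# Constructed sample inputs (not captured traffic).
SAMPLES = {
    "ssh banner": b"SSH-2.0-OpenSSH_9.6\r\n",
    "tls hello": bytes.fromhex("16030100c8010000c40303"),
    "plain http": b"GET / HTTP/1.1\r\n",
    "partial ssh": b"SS",
    "partial tls": b"\x16\x03",
}

if __name__ == "__main__":
    for name, data in SAMPLES.items():
        print(f"{name:12} -> {classify(data)}")
```

A netfilter NAT rule chooses the destination on a connection's first packet, the SYN, which normally carries no payload, so a check like this runs in a user-space listener that accepts the connection on port 443 and then relays it. The same check lets a monitoring point flag non-TLS sessions on port 443.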