--On Wednesday, May 17, 2006 11:44 AM +0900 Jorgen Lundman
<[EMAIL PROTECTED]> wrote:
But to me that still feels very hacky. It would be more desirable if you
could make a competing "black box" solution with IPFilter+SSL, and not
require the SSL overhead on the client servers at all (which is one of
the points of SSL accellerators).
You can. You just need to add support for IP filter to stunnel. See
samples/proxy.c in the source distribution for an example of the NAT API
used to accomplish this.
--
Carson
