I have a machine with OpenBSD 6.8 and with 2 network interfaces:

    egress
    intranet

httpd has 3 vhosts defined:

    server "default" {
        listen on * tls port 443
        ...
        location * {
            block return 403
        }
    }

    server "externalapp.publicdomain.net" {
        listen on egress tls port 443
        ...
    }

    server "internalapp.privatedomain.net" {
        listen on intranet tls port 443
        ...
    }

So far so good, but when I try to access "internalapp.privatedomain.net" from the internet, it serves the page happily. I double checked that I had no access to the intranet at that moment.

But when I change "default" server to:

    server "default" {
        listen on egress tls port 443
        listen on intranet port 443
        ...
    }

and try again, I get proper 403.

Is that a bug or some sort of non-intuitive behavior of listen on * stanza?

Cheers,
Chris