i mean a proxy that can work with the address of the actual website opened in the browser, not just specific addresses defined in the config file.
at least i thought thats what you meant with this: "In case of client (browser), for each remote (https) server to be connected to, stunnnel config file will need an entry; in browser it will not be possible to use DNS names (all servers will have to be addressed as 127.0.0.1:someport where "someport", is port assigned in stunnel conf server entry accept statement), so most links in webpages will not work." if stunnel can only work with specified addresses, cant a proxy like privoxy be set up at both ends, and stunnel only has to accept and connect to the address of the proxies? On 12/9/18, Yyy <y...@yyy.id.lv> wrote: > What do you mean by dynamic address proxy? > > On December 8, 2018 12:39:26 AM EET, kovacs janos > <kovacsjanosf...@gmail.com> wrote: >>if stunnel can only accept from and forward to one address, cant that >>be went around by setting a dynamic address proxy on both sides of >>stunnel? like: >>proxy - stunnel - proxy >> >>although i havent been able to connect to even a single website, but i >>didnt try with specifically the IP >> >>On 12/7/18, yyy <y...@yyy.id.lv> wrote: >>> >>> ----- Original Message ----- >>> From: "kovacs janos" <kovacsjanosf...@gmail.com> >>> To: "Flo Rance" <troura...@gmail.com> >>> Cc: <stunnel-users@stunnel.org> >>> Sent: Friday, December 07, 2018 2:30 AM >>> Subject: Re: [stunnel-users] older browsers, stunnel and privoxy >>> >>> >>>> now im really not sure, since the wikipedia page on stunnel also >>>> describes the program doing exactly what i need in the Example >>>> scenario section: >>>> https://en.wikipedia.org/wiki/Stunnel#Example_scenario >>>> >>>> "Network traffic from the client initially passes over SSL to the >>>> stunnel application, which transparently encrypts/decrypts traffic >>and >>>> forwards unsecured traffic to port 25 locally. The mail server sees >>a >>>> non-SSL mail client. " >>>> >>>> only difference is, i need it to forward "unsecured traffic" to my >>>> browser client, not a server. are you all sure its really not >>>> possible? >>>> >>> It is possible with the same limitiations as with server case. >>> In case of server, there is one server, which accepts incoming >>connections >>> (unencrypted) and stunnel accepts unencrypted >>> connections for that (one) server and decrypts and forwards them. >>There is >>> only one server, which gets connected by stunnel. >>> >>> In case of client (browser), for each remote (https) server to be >>connected >>> to, stunnnel config file will need an entry; >>> in browser it will not be possible to use DNS names (all servers will >>have >>> to be addressed as 127.0.0.1:someport >>> where "someport", is port assigned in stunnel conf server entry >>accept >>> statement), so most links in webpages will not work. >>> It may be feasible for small number of servers, which does not links >>any >>> external resources. >>> >>> _______________________________________________ >>> stunnel-users mailing list >>> stunnel-users@stunnel.org >>> https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users >>> > > -- > Sent from my Android device with K-9 Mail. Please excuse my brevity. _______________________________________________ stunnel-users mailing list stunnel-users@stunnel.org https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
