[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] Re: how to share tcp port 443 between OpenVpn and Apache?


  • Subject: Re: [Openvpn-users] Re: how to share tcp port 443 between OpenVpn and Apache?
  • From: Konrad Karl <kk_konrad@xxxxxx>
  • Date: Mon, 24 Jan 2005 14:49:20 +0100

On Mon, Jan 24, 2005 at 01:48:55PM +0100, Richard Atterer wrote:
> On Mon, Jan 24, 2005 at 12:53:33PM +0100, Konrad Karl wrote:
> > PPS: does anybody here if the muxing could be done on Linux using a
> > special netfilter module?
> 
> If this VPN setup is for your personal use only, a simple solution would be
> to set up a web page which, when executed, sets up a source-IP-based port
> redirection (only redirect to OpenVPN if source IP matches). Maybe you
> could even watch Apache's log for an error message which indicates an
> OpenVPN connection attempt, and react to that - obviously, OpenVPN will
> only succeed in connecting the second time it tries.

this will cause normal web access failing at times.

> 
> Another interesting thought: OpenVPN could use a specific _source_ port
> number (--lport ?), so you could use iptables to look for destination port
> 443 and e.g. source port 1194. Untested:

choosing source port is not an option when going thru a proxy, unfortunately.

> 
> iptables -t nat -A PREROUTING -i eth0 -p tcp --sport 1194 --dport 443 \
>  -j DNAT --to 127.0.0.1:1194
> 
> Yet another possibility: Play around with --http-proxy and Apache's proxy
> module. I'm not sure whether that will work, i.e. whether Apache's proxy
> implementation supports CONNECT.

this is not very well documented, I will have a look into the source
code if time permits.

Greetings,

Konrad


> 
> Cheers,
> 
>   Richard
> 
> -- 
>   __   _
>   |_) /|  Richard Atterer     |  GnuPG key:
>   | \/¯|  http://atterer.net  |  0x888354F7
>   ¯ '` ¯
> 
> 
> -------------------------------------------------------
> This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting
> Tool for open source databases. Create drag-&-drop reports. Save time
> by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc.
> Download a FREE copy at http://www.intelliview.com/go/osdn_nl
> _______________________________________________
> Openvpn-users mailing list
> Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
> https://lists.sourceforge.net/lists/listinfo/openvpn-users

____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users