Gist shurikk/631fb68d1e108265926ac48fe2f0e725, created February 10, 2021 18:08
nginx as a transparent SSL proxy using stream module (quick test)
iptables -t nat -A OUTPUT -p tcp -m tcp --dport 443 -m owner --uid-owner root -j RETURN
iptables -t nat -A OUTPUT -p tcp -m tcp --dport 443 -m owner --uid-owner nginx -j RETURN
iptables -t nat -A OUTPUT -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 3130
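daemon off;
events {}
error_log /dev/stdout info;
http {
    access_log /dev/stdout;
}
stream {
    # proxy_pass with a variable hostname is resolved at run time and needs a
    # resolver; the address is a placeholder, replace it with your DNS server.
    resolver 192.0.2.53;
    server {
        listen 3130;
        # Read the SNI name from the ClientHello without terminating TLS.
        ssl_preread on;
        # Forward the still-encrypted stream to the host named in the SNI.
        proxy_pass $ssl_preread_server_name:443;
    }
}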
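A restricted variant of the stream config above, as an added example that is not part of the original gist: the SNI value is chosen by the client and `listen 3130;` binds every interface, so this version binds to loopback (where REDIRECT sends locally generated traffic) and only forwards to allowlisted names. The hostnames, the resolver address, the `$sni_upstream` variable, the `sni` log format and the closed port 9 sink are assumptions.

```nginx
# Added example, not the gist author's config.
daemon off;
events {}
error_log /dev/stdout info;

stream {
    # Placeholder address: replace with your DNS server. Required because
    # proxy_pass below resolves hostnames taken from a variable at run time.
    resolver 192.0.2.53;

    # Map the client-supplied SNI to an explicit upstream allowlist.
    map $ssl_preread_server_name $sni_upstream {
        hostnames;
        # Unlisted or missing SNI goes to a local port that is assumed to
        # have no listener, so the connection is refused.
        default         127.0.0.1:9;
        example.com     example.com:443;                 # exact name
        .example.org    $ssl_preread_server_name:443;    # name and subdomains
    }

    # Record which SNI was requested and where the session was sent.
    log_format sni '$remote_addr sni="$ssl_preread_server_name" '
                   'upstream="$upstream_addr" status=$status';
    access_log /dev/stdout sni;

    server {
        # Loopback only: remote hosts cannot reach the proxy port directly.
        listen 127.0.0.1:3130;
        ssl_preread on;
        proxy_pass $sni_upstream;
    }
}
```

Validate with `nginx -t -c <path>` before loading it; rejected names show up in the log with `upstream="127.0.0.1:9"`.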