Vladimir Dubrovin
013d4bc333
tlspr (SNI proxy) implemented
...
Options -cN - level of TLS check
default - allow non-TLS traffic
1 - require TLS, only check client HELLO packet
2 - require TLS, check both client and server HELLO
3 - require TLS, check server send certificate (not compatible with TLS 1.3)
4 - require mutual TLS, check server send certificate request and client sends certificate (not compatible with TLS 1.3)
-P - default port
examples:
1.
tlspr -p1443 -P443 -c1
(port 1443 may be used to redirect traffic to destination port 143). SNI is used to find destination host
2.
allow * * * 80
parent 1000 http 0.0.0.0 0
allow * * * * CONNECT
parent 1000 tls 0.0.0.0 0
deny * * some.not.allowed.host
allow *
socks
attempts to take destination hostname from SNI in SOCKS
2024-05-20 13:01:38 +03:00
Michael Tautschnig
687ebafb1b
Fix plugin declarations of hashindex and nametohash
...
Plugins using these would fail to provide the required arguments.
2023-10-11 10:00:47 +00:00
Vladimir Dubrovin
4ad05d1565
add handleredirect() to symbols
2022-06-24 10:44:28 +03:00
z3apa3a
e1b4e50242
Copyright update
2021-07-02 11:50:33 +03:00
z3APA3A
24127196ce
Remove ICQPR because OSCAR is outdated
2018-04-22 21:46:00 +03:00
z3APA3A
f709255d62
Copyrights cleaned, authradius.c added
2016-12-20 15:47:02 +03:00
z3APA3A
5844e165b5
nscache6 command support + nsrecord with IPv6
...
nscache6 - new command for IPv6 addresses cache
nsrecord supports IPv6 addresses
dnsauth should work with IPv6 servers and clients
+ caching is now more accurate
2014-12-14 05:33:08 +03:00
z3APA3A
e37a7f48d7
Older CVS comments removed
2014-12-13 23:20:00 +03:00
z3APA3A
50db0015d3
IPv6 support for authnserver
2014-12-13 22:56:31 +03:00
z3APA3A
c7310a2060
initial partial patches for IPv6 client support
2014-10-19 21:54:24 +04:00
z3APA3A
4fef3a1df0
More changes for IPv6 suppot +nbname auth removed
2014-05-12 01:11:04 +04:00
Vladimir Dubrovin
ccf606fd9e
ntoa changed to ntop
2014-05-12 01:10:53 +04:00
z3APA3A
a060376f1e
initial import to git
2014-04-08 13:03:21 +04:00
