Files: ab3324be477b2663196e0cc73d96aa38d59da65a / example.cfg
2302 bytesRaw
1 | # This file is provided as documentation to show what is |
2 | # possible. It should not be used as-is, and probably should |
3 | # not be used as a starting point for a working |
4 | # configuration. Instead use basic.cfg. |
5 | |
6 | verbose: true; |
7 | foreground: true; |
8 | inetd: false; |
9 | numeric: false; |
10 | transparent: false; |
11 | timeout: "2"; |
12 | user: "nobody"; |
13 | pidfile: "/var/run/sslh.pid"; |
14 | |
15 | |
16 | # List of interfaces on which we should listen |
17 | listen: |
18 | ( |
19 | { host: "thelonious"; port: "443"; }, |
20 | { host: "thelonious"; port: "8080"; } |
21 | ); |
22 | |
23 | # List of protocols |
24 | # |
25 | # Each protocol entry consists of: |
26 | # name: name of the probe. These are listed on the command |
27 | # line (ssh -?), plus 'regex', 'sni' and 'timeout'. |
28 | |
29 | # service: (optional) libwrap service name (see hosts_access(5)) |
30 | # host, port: where to connect when this probe succeeds |
31 | # |
32 | # Probe-specific options: |
33 | # sni: |
34 | # sni_hotnames: list of FQDN for that target |
35 | # regex: |
36 | # regex_patterns: list of patterns to match for |
37 | # that target. |
38 | # |
39 | # sslh will try each probe in order they are declared, and |
40 | # connect to the first that matches. |
41 | # |
42 | # You can specify several of 'regex' and 'sni'. |
43 | |
44 | protocols: |
45 | ( |
46 | { name: "ssh"; service: "ssh"; host: "localhost"; port: "22"; }, |
47 | { name: "http"; host: "localhost"; port: "80"; }, |
48 | |
49 | { name: "sni"; host: "localhost"; port: "993"; sni_hostnames: [ "mail.rutschle.net", "mail.englishintoulouse.com" ]; }, |
50 | { name: "sni"; host: "localhost"; port: "xmpp-client"; sni_hostnames: [ "im.rutschle.net", "im.englishintoulouse.com" ]; }, |
51 | |
52 | # OpenVPN |
53 | { name: "regex"; host: "localhost"; port: "1194"; regex_patterns: [ "^\x00[\x0D-\xFF]$", "^\x00[\x0D-\xFF]\x38" ]; }, |
54 | # Jabber |
55 | { name: "regex"; host: "localhost"; port: "5222"; regex_patterns: [ "jabber" ]; }, |
56 | |
57 | # Catch-all |
58 | { name: "regex"; host: "localhost"; port: "443"; regex_patterns: [ "" ]; }, |
59 | |
60 | # Where to connect in case of timeout (defaults to ssh) |
61 | { name: "timeout"; service: "daytime"; host: "localhost"; port: "daytime"; } |
62 | ); |
63 | |
64 | # Optionally, specify to which protocol to connect in case |
65 | # of timeout (defaults to "ssh"). |
66 | # You can timeout to any arbitrary address by setting an |
67 | # entry in 'protocols' named "timeout". |
68 | # This enables you to set a tcpd service name for this |
69 | # protocol too. |
70 | on-timeout: "timeout"; |
71 | |
72 |
Built with git-ssb-web