git ssb

Files: b108809a78dbedce34bf8dee060fd4a2e72480c8 / example.cfg

2302 bytesRaw

1 # This file is provided as documentation to show what is
2 # possible. It should not be used as-is, and probably should
3 # not be used as a starting point for a working
4 # configuration. Instead use basic.cfg.
5 
6 verbose: true;
7 foreground: true;
8 inetd: false;
9 numeric: false;
10 transparent: false;
11 timeout: "2";
12 user: "nobody";
13 pidfile: "/var/run/sslh.pid";
14 
15 
16 # List of interfaces on which we should listen
17 listen:
18 (
19     { host: "thelonious"; port: "443"; },
20     { host: "thelonious"; port: "8080"; }
21 );
22 
23 # List of protocols
24 #
25 # Each protocol entry consists of:
26 #   name: name of the probe. These are listed on the command
27 #   line (ssh -?), plus 'regex', 'sni' and 'timeout'.
28 
29 #   service: (optional) libwrap service name (see hosts_access(5))
30 #   host, port: where to connect when this probe succeeds
31 #
32 #  Probe-specific options:
33 #       sni: 
34 #               sni_hotnames: list of FQDN for that target
35 #       regex:
36 #               regex_patterns: list of patterns to match for
37 #               that target.
38 #   
39 # sslh will try each probe in order they are declared, and
40 # connect to the first that matches.
41 #
42 # You can specify several of 'regex' and 'sni'.
43  
44 protocols:
45 (
46      { name: "ssh"; service: "ssh"; host: "localhost"; port: "22"; },
47      { name: "http"; host: "localhost"; port: "80"; },
48 
49      { name: "sni"; host: "localhost"; port: "993"; sni_hostnames: [ "mail.rutschle.net", "mail.englishintoulouse.com" ]; },
50      { name: "sni"; host: "localhost"; port: "xmpp-client"; sni_hostnames: [ "im.rutschle.net", "im.englishintoulouse.com" ]; },
51 
52 # OpenVPN
53      { name: "regex"; host: "localhost"; port: "1194"; regex_patterns: [ "^\x00[\x0D-\xFF]$", "^\x00[\x0D-\xFF]\x38" ]; },
54 # Jabber
55      { name: "regex"; host: "localhost"; port: "5222"; regex_patterns: [ "jabber" ]; },
56 
57 # Catch-all
58      { name: "regex"; host: "localhost"; port: "443"; regex_patterns: [ "" ]; },
59 
60 # Where to connect in case of timeout (defaults to ssh)
61      { name: "timeout"; service: "daytime"; host: "localhost"; port: "daytime"; }
62 );
63 
64 # Optionally, specify to which protocol to connect in case
65 # of timeout (defaults to "ssh").
66 # You can timeout to any arbitrary address by setting an
67 # entry in 'protocols' named "timeout".
68 # This enables you to set a tcpd service name for this
69 # protocol too.
70 on-timeout: "timeout";
71 
72

Built with git-ssb-web

cel / sslh

Tree: b108809a78dbedce34bf8dee060fd4a2e72480c8

Files: b108809a78dbedce34bf8dee060fd4a2e72480c8 / example.cfg

1	# This file is provided as documentation to show what is
2	# possible. It should not be used as-is, and probably should
3	# not be used as a starting point for a working
4	# configuration. Instead use basic.cfg.
5
6	verbose: true;
7	foreground: true;
8	inetd: false;
9	numeric: false;
10	transparent: false;
11	timeout: "2";
12	user: "nobody";
13	pidfile: "/var/run/sslh.pid";
14
15
16	# List of interfaces on which we should listen
17	listen:
18	(
19	{ host: "thelonious"; port: "443"; },
20	{ host: "thelonious"; port: "8080"; }
21	);
22
23	# List of protocols
24	#
25	# Each protocol entry consists of:
26	# name: name of the probe. These are listed on the command
27	# line (ssh -?), plus 'regex', 'sni' and 'timeout'.
28
29	# service: (optional) libwrap service name (see hosts_access(5))
30	# host, port: where to connect when this probe succeeds
31	#
32	# Probe-specific options:
33	# sni:
34	# sni_hotnames: list of FQDN for that target
35	# regex:
36	# regex_patterns: list of patterns to match for
37	# that target.
38	#
39	# sslh will try each probe in order they are declared, and
40	# connect to the first that matches.
41	#
42	# You can specify several of 'regex' and 'sni'.
43
44	protocols:
45	(
46	{ name: "ssh"; service: "ssh"; host: "localhost"; port: "22"; },
47	{ name: "http"; host: "localhost"; port: "80"; },
48
49	{ name: "sni"; host: "localhost"; port: "993"; sni_hostnames: [ "mail.rutschle.net", "mail.englishintoulouse.com" ]; },
50	{ name: "sni"; host: "localhost"; port: "xmpp-client"; sni_hostnames: [ "im.rutschle.net", "im.englishintoulouse.com" ]; },
51
52	# OpenVPN
53	{ name: "regex"; host: "localhost"; port: "1194"; regex_patterns: [ "^\x00[\x0D-\xFF]$", "^\x00[\x0D-\xFF]\x38" ]; },
54	# Jabber
55	{ name: "regex"; host: "localhost"; port: "5222"; regex_patterns: [ "jabber" ]; },
56
57	# Catch-all
58	{ name: "regex"; host: "localhost"; port: "443"; regex_patterns: [ "" ]; },
59
60	# Where to connect in case of timeout (defaults to ssh)
61	{ name: "timeout"; service: "daytime"; host: "localhost"; port: "daytime"; }
62	);
63
64	# Optionally, specify to which protocol to connect in case
65	# of timeout (defaults to "ssh").
66	# You can timeout to any arbitrary address by setting an
67	# entry in 'protocols' named "timeout".
68	# This enables you to set a tcpd service name for this
69	# protocol too.
70	on-timeout: "timeout";
71
72

cel / sslh

Tree: b108809a78dbedce34bf8dee060fd4a2e72480c8 shsmasterv1.9v1.8v1.7v1.6v1.5v1.3v1.2v1.18v1.17v1.16v1.15v1.14v1.13v1.12v1.11v1.10v1.1v1.0 <input type="submit" value="Go"/>

Files: b108809a78dbedce34bf8dee060fd4a2e72480c8 / example.cfg

Tree: b108809a78dbedce34bf8dee060fd4a2e72480c8