"
While that seems like it might be an option, it's a lot more moving parts that I have no familiarity with. Also, I'm trying to multiplex openvpn on port 443, not ssh in particular. I was hoping somebody might be able to suggest a working FreeBSD config for this as sslh is a fairly common solution to this problem, but it seems the usage of transparent mode is much less popular.
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages1
#2
General Discussion / sslh in transparent mode
April 03, 2025, 01:46:08 AM
Well this question isn't strictly specific to OPNsense, more FreeBSD in general, but since I'm trying to get this working on my OPNsense box...
As the title says, I'm trying to get sslh working in transparent mode so server logs will show the external IP and not just the ip of the gateway. I have some experience doing this in linux, and the write-up at https://github.com/yrutschle/sslh/blob/master/doc/simple_transparent_proxy.md seems straightforward enough, small problem...I have no idea how any of that translates to a FreeBSD environment. Would anyone happen to know how those commands can be implemented using FreeBSD tools? It seems to just be setting up a separate routing table that routes all traffic from a specific virtual interface back to sslh, but none of that seems to be supported in the OPNsense UI and FreeBSD isn't exactly my home turf.
Also, it seems to me that using the os-sslh plugin in OPNsense is a nonstarter as there's no support for transparent mode. I guess this would just have to be tacked on using some scripts that get run after each update?
As the title says, I'm trying to get sslh working in transparent mode so server logs will show the external IP and not just the ip of the gateway. I have some experience doing this in linux, and the write-up at https://github.com/yrutschle/sslh/blob/master/doc/simple_transparent_proxy.md seems straightforward enough, small problem...I have no idea how any of that translates to a FreeBSD environment. Would anyone happen to know how those commands can be implemented using FreeBSD tools? It seems to just be setting up a separate routing table that routes all traffic from a specific virtual interface back to sslh, but none of that seems to be supported in the OPNsense UI and FreeBSD isn't exactly my home turf.
Also, it seems to me that using the os-sslh plugin in OPNsense is a nonstarter as there's no support for transparent mode. I guess this would just have to be tacked on using some scripts that get run after each update?
Pages1
