1666
18.1 Legacy Series / Re: Can I install tcptraceroute?
« on: March 15, 2018, 09:36:09 pm »
If it is not in the repo, it can be built using the ports tree.
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Ok, danke dir. Dann scheint ja alles zu gehen. Wieso geht es, wenn ich das ganze über UPNP laufen lasse auf opnsense?
Hello Experts,
I've been using Opnsense with HAProxy for a few months now and i'm very happy with it.
Thanks for all the hard work!
However, i've stumbled on a small problem and i can't seem to find enough information (that i can understand) on how to solve it.
I'm publishing an application on SSL (WAN side) and unsecure (HTTP, port 8084) on the LAN-side.
However, the application does not play nice with the reverse proxy and the site is not shown.
I'm looking for a few options:
- Where can i configure "X-Forwarded-For" option? (It used to be a check box but that has disappeared.)
- how can i enable SSL-Termination for a single publication (Rule)?
I tried browsing the documents but the how-to's in the wiki are for a previous version and i'm not quite sure how i can add a general haproxy options (or what syntax to use)
Thanks in advance!
(and apologies if my questions are stupid )
A GUI shell widget idea was trashed after concluding it would be an exploit vector sooner or later.I try to harden the GUI as much as possible.
A well-designed (and validated and restricted) CLI on top of the API would still be a future option though.The PowerShell stuff looks good (even if I don't use it).
For everything else there will always be SSH.SSH is the core component to communicate with my dev VM. Without it, I would have to implement some bad workarounds.
Die zugehörige Condition für Guacamole lautet : "Path starts with" Path prefix "/guacamole*"
Die zugehörige Rule für Guacamole lautet: use specific Backend -> Guacamole_Backend (welche auf Port 8080 läuft)
Authentication credentials is only one aspect of email security. Security of the content is another.
Increased security of the content is one of the reasons some people operate their own email server.
Indeed they do, and me amongst them. I am merely pointing out possible cargo cult reflexes. Just because postfix supports TLS, doesn't mean you have to implement it. The documentation warns you against it: http://www.postfix.org/TLS_README.html second paragraph.Postfix has three TLS options: No TLS, use if available and force TLS. Because many mail servers out there do not support TLS, it is almost impossible to force it.
If you require push notification by SMTP, IMHO your best bet is to design this inside the firewall and use a VPN if your MUA device travels to the public side. Horses for courses.If OpenSSL or LibreSSL is having such an issue, your VPN will not be any help.