54 lines
1.7 KiB
Plaintext
54 lines
1.7 KiB
Plaintext
Index: sslh.pod
|
|
--- sslh.pod.orig
|
|
+++ sslh.pod
|
|
@@ -26,17 +26,14 @@ Hence B<sslh> acts as a protocol demultiplexer, or a
|
|
switchboard. Its name comes from its original function to
|
|
serve SSH and HTTPS on the same port.
|
|
|
|
-=head2 Libwrap support
|
|
+B<sslh> comes in two versions: B<sslh-fork> forks a new process
|
|
+for each incoming connection. It is well-tested and very
|
|
+reliable, but incurs the overhead of many processes. B<sslh-select>
|
|
+uses only one thread, which monitors all connections at once.
|
|
+It is more recent and less tested, but only incurs a 16 byte
|
|
+overhead per connection. Also, if it stops, you'll lose all
|
|
+connections, which means you can't upgrade it remotely.
|
|
|
|
-One drawback of B<sslh> is that the servers do not see the
|
|
-original IP address of the client anymore, as the connection
|
|
-is forwarded through B<sslh>.
|
|
-
|
|
-For this reason, B<sslh> can be compiled with B<libwrap> to
|
|
-check accesses defined in F</etc/hosts.allow> and
|
|
-F</etc/hosts.deny>. Libwrap services can be defined using
|
|
-the configuration file.
|
|
-
|
|
=head2 Configuration file
|
|
|
|
A configuration file can be supplied to B<sslh>. Command
|
|
@@ -209,24 +206,6 @@ Runs in background. This overrides B<foreground> if se
|
|
the configuration file (or on the command line, but there is
|
|
no point setting both on the command line unless you have a
|
|
personality disorder).
|
|
-
|
|
-=back
|
|
-
|
|
-=head1 FILES
|
|
-
|
|
-=over 4
|
|
-
|
|
-=item F</etc/init.d/sslh>
|
|
-
|
|
-Start-up script. The standard actions B<start>, B<stop> and
|
|
-B<restart> are supported.
|
|
-
|
|
-=item F</etc/default/sslh>
|
|
-
|
|
-Server configuration. These are environment variables
|
|
-loaded by the start-up script and passed to B<sslh> as
|
|
-command-line arguments. Refer to the OPTIONS section for a
|
|
-detailed explanation of the variables used by B<sslh>.
|
|
|
|
=back
|
|
|