Changes between Version 1 and Version 2 of Ticket #24, comment 1


Ignore:
Timestamp:
Sep 1, 2014, 9:09:06 PM (6 years ago)
Author:
Peter Gamache
Comment:

Legend:

Unmodified
Added
Removed
Modified

  • Ticket #24, comment 1

    v1 v2  
    1010}}}
    1111
    12 Since the requests no longer appear to be coming from the same IP, this effectively works around the flaw. If you need localhost to do the same thing, create a lo:1 alias and give it an IP of 127.0.0.2.
     12Since the requests no longer appear to be coming from the same IP, this effectively works around the flaw. If you need localhost to do the same thing, create a lo:1 alias and give it an IP of 127.0.0.2, then use this line (untested, should probably work):
     13
     14{{{
     15sudo iptables -t nat -A POSTROUTING -s 127.0.0.1 -d 127.0.0.1 -p tcp --dport 443 -j SNAT --to 127.0.0.2
     16}}}