12 | | Since the requests no longer appear to be coming from the same IP, this effectively works around the flaw. If you need localhost to do the same thing, create a lo:1 alias and give it an IP of 127.0.0.2. |
| 12 | Since the requests no longer appear to be coming from the same IP, this effectively works around the flaw. If you need localhost to do the same thing, create a lo:1 alias and give it an IP of 127.0.0.2, then use this line (untested, should probably work): |
| 13 | |
| 14 | {{{ |
| 15 | sudo iptables -t nat -A POSTROUTING -s 127.0.0.1 -d 127.0.0.1 -p tcp --dport 443 -j SNAT --to 127.0.0.2 |
| 16 | }}} |