On 2012-09-17 22:53, Usuário do Sistema wrote:
sorry, but to work with HTTPS just add an new rule with --dport 443 right
??
You cannot* inspect the content of a HTTPS connection because it's
encrypted. That includes the entire HTTP communication, thus the Host header
as well.
http://en.wikipedia.org/wiki/Secure_Sockets_Layer
* well, you *can*, but that requires using ssl proxies and organized MITM.
Not something easy to deploy.
--
Julien Vehent - http://jve.linuxwall.info
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
