|
pb wrote:
>
> > By the way, i didnt had any acclerator cards for the
> > apache box, i just used
> > the apache
> > rewrite and proxy pass mod which is doing the
> > decrytion job.
>
> Now this would be a great addition to the HOW TO
> !!!!:)
keep me informed :-)
> I wonder if a software engine could be written to
> accept data from any SSL service
> (https/smtps/imaps/pops) and let apache rewrite +
> proxy pass mod decrypt it, then get it sent back out
> the correct clear text port (http/smtp/imap/pop).
> Its all SSL encrypted the same way, so once decrypted
> just pass it to the right protocol. No?
(I don't know much about this)
one of the problems with having the accel card on the director
is that the output goes into the ip_tables OUTPUT chain,
whereas if we want the director to grab it, it has to go
into the INPUT chain (again). This is what I was asking
Julian.
Presumably you'd have to separate these functions into
separate boxes?
Joe
--
Joseph Mack PhD, Senior Systems Engineer, SAIC contractor
to the National Environmental Supercomputer Center,
ph# 919-541-0007, RTP, NC, USA. mailto:mack.joseph@xxxxxxx
|
