Dustin Lundquist

You want to use the resolver ipv4_only config option.

Have you correlating the access logs of sniproxy and the backend applications? It is possible the the client sees both sites are using the same key pair and pipelines requests...

SNIproxy makes a single forwarding decision for each incoming TCP session. This allows it proxy TLS without access to TLS private keys. If you need to proxy to multiple different...

@tellnes Thanks for the info. Unfortunately, since SNIproxy doesn't have the TLS keys it can not follow the protocol (http2 in this case) taking place within the TLS session.

@Habbie Thanks for the patch. I haven't had much time to dedicate to sniproxy lately, so sorry for the late reply. If we are embedding LUA and making a call...

@adililhan You can use multiple listeners, one for each IP you wish to bind to and a source directive on each indicating the outbound IP.

I don't intend to include this level of systemd integration. While systemd provides a useful dependency based startup well suited for desktop environments, its expanding scope and integration with its...

@RyanEwen The fallback option specifies an address to proxy the connection to if the hostname lookup fails. The hostname lookup could fail for two reasons: 1. the TLS SNI extention...

The HTTP/503 'Backend not available' error is emitted when sniproxy can not find or connect to the server it is trying to proxy too. The error log should provide more...

Anyone have more information on this failure mode? A packet capture would be ideal, but anything on the configuration in which this occurs would helpful. Does this occur when first...