UAMALLOWED and HTTPS (to select.worldpay.com)
Derek C
derekchilli at hssl.ie
Wed Apr 29 18:43:35 UTC 2009
I should have said: I'm only redirecting traffic that is destined for the
Worldpay SSL server.
I use this rule: -
iptables -t nat -I PREROUTING -p tcp -d select.worldpay.com --dport 443 -j
DNAT --to-destination MY-SERVER-IP:443
That server is using socat to listen on 443 and proxy traffic from the
Worldpay SSL server. I use this socat command:
socat TCP4-LISTEN:443,bind=MY-SERVER-IP,fork TCP4:select.worldpay.com:443
But I'm pretty sure that if Worldpay change their IP this setup will be
dead until restarted.
Derek
On Wed, April 29, 2009 7:22 pm, Derek C wrote:
>
> On Wed, April 29, 2009 5:58 pm, Johan Meiring wrote:
>
>> The only other thing I can think of is MTU issues.
>> Try issuing the following on your hotspot, and see if it helps.
>> iptables -I FORWARD -t mangle -p tcp -m tcp --tcp-flags SYN,RST SYN -j
>> TCPMSS --clamp-mss-to-pmtu
>> (the above command is one line)
>>
>
> Hi Johan,
>
>
> This didn't work either.
>
>
> I have a work-around to my problems (which is great) - but it's horrible!
> On the Coova Chilli AP I'm redirecting traffic with a DNAT iptables rule
> to a server I have in a data centre. In that server I'm proxying the
> traffic with socat - and its working so I have the payment gateway up &
> running. But its horrible because if Worldpay change their IP....
>
> Derek
>
>
>
> --
> Derek C
> In Ireland
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: chilli-unsubscribe at coova.org
> For additional commands, e-mail: chilli-help at coova.org
> Wiki: http://coova.org/wiki/index.php/CoovaChilli
> Forum: http://coova.org/phpBB3/viewforum.php?f=4
>
>
>
--
Derek C
In Ireland
More information about the Chilli
mailing list