<html>

  <head>

    <meta content="text/html; charset=utf-8" http-equiv="Content-Type">

  </head>

  <body text="#000000" bgcolor="#FFFFFF">

    <p>Something like this exists: sslh[1], a "protocol demultiplexer".

      However, it doesn't explicitly support Tor, and I'm not sure if

      it's possible to distinguish between Tor packets and other TLS

      traffic using the options it offers[2].</p>

    <p>[1]: <a class="moz-txt-link-freetext" href="http://www.rutschle.net/tech/sslh.shtml">http://www.rutschle.net/tech/sslh.shtml</a><br>

      [2]:

      <a class="moz-txt-link-freetext" href="https://github.com/yrutschle/sslh/blob/v1.18/example.cfg#L37-L47">https://github.com/yrutschle/sslh/blob/v1.18/example.cfg#L37-L47</a><br>

    </p>

    <br>

    <div class="moz-cite-prefix">On 16.08.2016 19:50, Green Dream wrote:<br>

    </div>

    <blockquote

cite="mid:CAAd2PDKVQ7pgUfg784xkgiZ2cq1tUFGdnWNN8P6yZ=JUKS6twA@mail.gmail.com"

      type="cite">

      <div dir="ltr">I don't think you will be able to bind two daemons

        to the same TCP port (443). 

        <div><br>

        </div>

        <div>Maybe you could have something else listening on TCP port

          443 and passing the requests onto both places?<br>

          <div><br>

          </div>

          <div>You might be able to put a single reverse proxy in front

            on that port, and have that proxy send the requests to the

            correct daemon on the backend, but I have no idea how to

            actually set that up. Most common reverse proxy software

            (like nginx) isn't designed to understand or handle Tor or

            pluggable transports like obfs4.</div>

          <div><br>

          </div>

          <div>There may be some application aware ("layer 4") firewalls

            that could do something like this too, but I don't think it

            would be straightforward. Also I'm not sure inspecting Tor

            packets (in order to determine they're Tor packets) is a

            good idea... or if that could even work since the packets

            will be obfuscated.</div>

          <div><br>

          </div>

          <div>Just thinking out loud... but this seems like a difficult

            to implement idea.</div>

        </div>

        <div class="gmail_extra"><br>

        </div>

      </div>

      <br>

      <fieldset class="mimeAttachmentHeader"></fieldset>

      <br>

      <pre wrap="">_______________________________________________

tor-relays mailing list

<a class="moz-txt-link-abbreviated" href="mailto:tor-relays@lists.torproject.org">tor-relays@lists.torproject.org</a>

<a class="moz-txt-link-freetext" href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays">https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays</a>

</pre>

    </blockquote>

    <br>

  </body>

</html>