[mythtv-users] Open Failed: No suitable proxy found

[Brian J. Murrell]

On Fri, 2018-03-02 at 13:53 -0600, Leo Butler wrote:
> 
> If I understand your problem, you want to force mythbackend to use a
> proxy server, and advising it using an environment variable is
> ignored.

I don't think it's ignored.  I think it's noticing the environment
variables and then just fubarring it up from there.  I suspect without
the environment variables there would be no mention of proxy at all.

> Why not use iptables to forcibly redirect the traffic to the proxy?

That's the transparent proxy [non-]solution that I explained all of the
problems with in another message in this thread.

The shelf-life for transparent proxying of HTTPS is pretty short now
since you have to be able to pull off CA-impersonation to do it and CA-
impersonation is a very big and serious problem in the SSL world that
has to and will be solved.

> Otherwise, with a suitable router, you could create a subnet B where
> you
> do transparent proxying and put your BE on that subnet. Make a
> separate
> subnet, A, where un-proxied users will be, and allow A <--> B
> traffic.

That's a lot of work that should just really not be necessary.  Proxy
environment variables are as old as kerosene and very well understood. 
They should just work.

And as I said in the other message, the utility of proxying is quickly
dwindling entirely proportional to the speed of the world moving
towards HTTPS and preventing CA-impersonation.  I may just give up on
it finally.

Cheers,
b.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: This is a digitally signed message part
URL: <http://lists.mythtv.org/pipermail/mythtv-users/attachments/20180302/e07c2443/attachment.sig>