[mythtv-users] Open Failed: No suitable proxy found
Brian J. Murrell
brian at interlinx.bc.ca
Fri Mar 2 20:05:14 UTC 2018
On Fri, 2018-03-02 at 13:53 -0600, Leo Butler wrote:
>
> If I understand your problem, you want to force mythbackend to use a
> proxy server, and advising it using an environment variable is
> ignored.
I don't think it's ignored. I think it's noticing the environment
variables and then just fubarring it up from there. I suspect without
the environment variables there would be no mention of proxy at all.
> Why not use iptables to forcibly redirect the traffic to the proxy?
That's the transparent proxy [non-]solution that I explained all of the
problems with in another message in this thread.
The shelf-life for transparent proxying of HTTPS is pretty short now
since you have to be able to pull off CA-impersonation to do it and CA-
impersonation is a very big and serious problem in the SSL world that
has to and will be solved.
> Otherwise, with a suitable router, you could create a subnet B where
> you
> do transparent proxying and put your BE on that subnet. Make a
> separate
> subnet, A, where un-proxied users will be, and allow A <--> B
> traffic.
That's a lot of work that should just really not be necessary. Proxy
environment variables are as old as kerosene and very well understood.
They should just work.
And as I said in the other message, the utility of proxying is quickly
dwindling entirely proportional to the speed of the world moving
towards HTTPS and preventing CA-impersonation. I may just give up on
it finally.
Cheers,
b.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: This is a digitally signed message part
URL: <http://lists.mythtv.org/pipermail/mythtv-users/attachments/20180302/e07c2443/attachment.sig>
More information about the mythtv-users
mailing list