[FR] Add Forward HTTPS feature #839
Comments
|
If bypassing the firewall is your only concern you can specify the port to forward to as If the feature request is for upstream DNS-over-HTTPS, that is a whole new feature indeed. |
|
Indeed setting the port could be a solution but will not work in practice because advanced firewall check the protocol and allows only HTTPS. |
|
DNS-over-TLS is still encrypted traffic. Have you tried and it doesn't work on your environment? |
|
HTTPS adds encapsulation that is detected by the firewall, that's why I specifically need DoH forwarding |
|
Does that mean that is used on device with some kind of security software, which uses trusted certificate on the host and the firewall re-encrypts the original encrypted session, so it can see also the insides of encrypted channel? What would be advantage of using DoH in such environment? |
|
I think this is a duplicate of #308 |
Current behavior
Currently, in a forward configuration, you can set a forward tls with
forward-tls-upstream: yes.Describe the desired feature
I would like the same feature for HTTPS, with a feature like
forward-https-upstream: yes.Potential use-case
It would allow to pass through rule firewall in some environment.
Thanks
The text was updated successfully, but these errors were encountered: