You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The step where you download and install canvas_forward_http.tgz is broken as of OS X 10.10. That download is a WaterRoof-based installer for ipfw rules. The rules are:
add 01000 fwd 127.0.0.1,9000 ip from any to me dst-port 80
add 01100 fwd 127.0.0.1,9001 ip from any to me dst-port 443
add 01200 deny ip from any to me dst-port 9000
add 01300 deny ip from any to me dst-port 9001
add 65535 allow ip from any to any
Or in english: redirect all port 80 traffic to localhost:9000 and all port 443 traffic to localhost:9001. This lets the server run as your user instead of needing to start as root and drop privs. In production it just ran HTTP on port 9000, and HTTPS was terminated at the Amazon ELB layer.
Is 10.10+ the correct solution is to use pf. Something similar to this: basecamp/pow#452
The text was updated successfully, but these errors were encountered:
The step where you download and install canvas_forward_http.tgz is broken as of OS X 10.10. That download is a WaterRoof-based installer for ipfw rules. The rules are:
Or in english: redirect all port 80 traffic to localhost:9000 and all port 443 traffic to localhost:9001. This lets the server run as your user instead of needing to start as root and drop privs. In production it just ran HTTP on port 9000, and HTTPS was terminated at the Amazon ELB layer.
Is 10.10+ the correct solution is to use pf. Something similar to this: basecamp/pow#452
The text was updated successfully, but these errors were encountered: