Hi, I’ve been checking the news regarding the upcoming 186 release, and noticed that sslh was removed.
I wonder why? Aside from a quick change to the init.d start script, it was (and is) working perfectly fine for me on 185 release.
Would it be possible to reconsider this removal? SSLH is an essential tool for those like me who are mostly behind a restrictive firewall and must use port 443 as a gateway to SSH and OPENVPN.
Thanks!
The reason that it was removed was that the last update was done in CU 162 (26 core updates ago) and that addon would no longer have worked for any user that had upgraded after CU162.
It did not seem to be interesting for any IPFire users as the fact that it was broken was not flagged up till April this year (2.5 years after update).
It looks like you actually use the sslh package and were able to understand and also test out the changes required.
I don’t use sslh and was not familiar with the usage cases and how to construct them.
The simplest way to get it back would be to raise it in the IPFire Dev mailing list.
https://www.ipfire.org/docs/devel/contact
It would be good if you indicate to the dev mailing list members that you would be willing to submit a patch to add it back in but also to maintain it for any future releases then you would likely get more support for putting it back in.
Yes absolutely. We just noticed that it no longer works and that for a long time. Hence we figured that there were virtually no users. We also had nobody on the team who volunteered to look at it, so we went with a removal.
If you are happy to send patches, please follow the links that @bonnietwin has sent.
I would also like to see it back, as it is a nice way to multiplex XMPP on port 443.
But I am pretty new to ipfire, so I am still finding my way around.
Details for how to build an add-on are detailed here
https://www.ipfire.org/docs/devel/ipfire-2-x/addon-howto
At the start of that section it also has a link to show the requirements for building add-ons.
Once you have built the add-on and installed it on an IPFire system and tested it out then the following section gives details about how to submit the patches relating to the addition of that add-on package.
Hello all,
i really don´t know if it makes sense (since long time ago) or even someone wants to test and further develop it but in here → git.ipfire.org Git - people/ummeegge/ipfire-2.x.git/commit are some further ideas.
Best,
Erik
I noticed a few minutes ago, that my OPENVPN connection is broken, due to a missing sslh package since the latest ipfire update. 
How can I test your GIT commit in my ipfire @ummeegge ?
EDIT
nevermind, seems I have to follow the instructions in the links from @bonnietwin
@ummeegge git repo has version 1.20 from 2018.
The last version that was in IPFire was 1.22c from 2021
The current latest version in the sslh github repo is 2.1.2 from May 2024.
It seems that release versions are occurring more frequently now from every 1 to 4 months.
If you are looking at building sslh then get the latest version from the github repo
https://github.com/yrutschle/sslh/tags
and use the lfs from the last ipfire version as your starting point.
The rootfile and initscript are also in the repo but they will need some modification. The rootfile from 2.1.2 is likely to be different from 1.22c and the initscript from 1.22c already did not work due to changes in the configuration parameters from version 1.7a to 1.22c
In this post another user indicated that the changes required were relatively simple so you could use those as a starting point.
https://community.ipfire.org/t/sslh-add-on-not-starting/11413/4
Hi all,
@bonnietwin absolute true, as mentioned before don´t know if it makes sense at all to work further in this topic (which is 5 years ago 
) but at that time, there was a serious intend to make SSLH a better Addon for IPFire and i think some development intentions wasn´t that bad but also communicated via developer mailinglist and @ms have had some very good ideas which we tried to get out but this work died like some others too.
Another time, if someone feels addressed, please go for it.
Not more or less.
Best,
Erik