Control: retitle -1 document how to use --transparent and include tproxy.md
On Sat, 26 Apr 2025, Jesús Sánchez Sánchez wrote:n > Package: sslh > Version: 2.1.4-1+b1 > > i am reporting an issue with the sslh package (version 2.1.4-1+b1) on > Debian Unstable. > When attempting to start the sslh service with the --transparent > option included in the DAEMON_OPTS definition in /etc/default/sslh, > the service fails to start immediately. > The error message observed in 'journalctl -u sslh.service' is: > cap_set_proc: Operation not permitted If you're using --transparent, you'll need to add CAP_NET_RAW to the capabilities. This is documented in the tproxy.md file which we don't document, so I'm going to repurpose this issue to document how to do that. -- Don Armstrong https://www.donarmstrong.com Every gun that is made, every warship launched, every rocket fired signifies [...] a theft from those who hunger and are not fed, those who are cold and are not clothed. This world in arms is not spending money alone. It is spending the sweat of its laborers, the genius of its scientists, the hopes of its children. [...] This is not a way of life at all in any true sense. Under the cloud of threatening war, it is humanity hanging from a cross of iron. [...] [I]s there no other way the world may live? -- President Dwight D. Eisenhower, April 16, 1953
