stunnel...

To: Debian User List <debian-user@lists.debian.org>
Subject: stunnel...
From: Tom Allison <tom@tacocat.net>
Date: Mon, 8 Oct 2007 21:58:19 -0400
Message-id: <[🔎] B0DB7183-73A1-48D7-87D6-828EA39BF912@tacocat.net>

I'm running into problems with stunnel4 configuration.

The underlying application works.
But I keep getting the same errors when I invoke SSL tunneling.

2007.10.08 21:49:54 LOG5[10064:47438519754832]: stunnel 4.18 onx86_64-pc-linux-gnu with OpenSSL 0.9.8c 05 Sep 20062007.10.08 21:49:54 LOG5[10064:47438519754832]: Threading:PTHREADSSL:ENGINE Sockets:POLL,IPv6 Auth:LIBWRAP2007.10.08 21:49:54 LOG6[10064:47438519754832]: file ulimit = 1024(can be changed with 'ulimit -n')2007.10.08 21:49:54 LOG6[10064:47438519754832]: poll() used - noFD_SETSIZE limit for file descriptors

2007.10.08 21:49:54 LOG5[10064:47438519754832]: 500 clients allowed

2007.10.08 21:49:54 LOG7[10064:47438519754832]: FD 4 in non-blockingmode2007.10.08 21:49:54 LOG7[10064:47438519754832]: FD 5 in non-blockingmode2007.10.08 21:49:54 LOG7[10064:47438519754832]: FD 6 in non-blockingmode2007.10.08 21:49:54 LOG7[10064:47438519754832]: SO_REUSEADDR optionset on accept socket2007.10.08 21:49:54 LOG3[10064:47438519754832]: Error binding imapsto 0.0.0.0:9932007.10.08 21:49:54 LOG3[10064:47438519754832]: bind: Address alreadyin use (98)



I'm unable to start it up from /etc/init.d/stunnel4.
Keeps calling for a pid=, but it's already specified....
Not sure that I want/need to have it running all the time.



I'm trying to set it up through inetd:

imaps stream tcp nowait root /usr/bin/stunnel4 stunnel4 /etc/stunnel/stunnel.conf


with a configuration file of:
cert = /etc/stunnel/stunnel.pem
key = /etc/stunnel/stunnel.pem

; Protocol version (all, SSLv2, SSLv3, TLSv1)
sslVersion = SSLv3

; Some security enhancements for UNIX systems - comment them out onWin32

chroot = /var/lib/stunnel4/
setuid = stunnel4
setgid = stunnel4
; PID is created inside chroot jail
pid = /stunnel4.pid
service=inetd

; Some performance tunings
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
;compression = rle

; Workaround for Eudora bug
;options = DONT_INSERT_EMPTY_FRAGMENTS

; Some debugging stuff useful for troubleshooting
debug = 7
output = /var/log/stunnel4/stunnel.log

; Use it for client mode
;client = yes

; Service-level configuration

;[pop3s]
;accept  = 995
;connect = 110

[imaps]
accept  = 993
connect = 143
cert    = /etc/ssl/certs/email.pem
key     = /etc/ssl/certs/email.pem
session = 14400
TIMEOUTidle = 14400

Reply to:

Prev by Date: Re: Simultaneous AC3/DTS passthrough & stereo analog output
Next by Date: debian kernel bugs / or is it grub?
Previous by thread: Re: Selinux
Next by thread: debian kernel bugs / or is it grub?
Index(es):
- Date
- Thread