I've successfully deployed stunnel4 to wrap rsync for transferring data between remote sites and a central repository. The issue I'm running into, is that some of these sites mandate use of a proxy (HTTP or SOCKS5 usually) for outbound network connections. It seems like there is some proxy support in stunnel with the protocol{Host,Authentication,etc} configuration options, but I have had zero luck getting them to work. For example, I've tried making a simple SOCKS5 proxy using ssh, that I'm successfully able to send HTTP traffic over:
ssh -g -D1080 proxy-host # create the proxy, open port 1080 on a public interface
then in the client stunnel.conf:
[rsync] protocol = connect protocolHost = proxy-host:1080 accept = 127.0.0.1:873 connect = rsync-destination:443
Keep in mind this is an already-working stunnel - the only difference is the addition of the protocol and protocolHost lines above. When I run stunnel in the foreground with that configuration change, I get the following error trying to run rsync:
$ rsync -v dev.inst.kvpdata rsync://localhost/putdata/ rsync: read error: Connection reset by peer (104) rsync error: error in rsync protocol data stream (code 12) at io.c(605) [sender=2.6.9]
And no log messages appear in stunnel's stderr whatsoever.
What am I doing wrong? I get identical results using an HTTP proxy with squid, instead of the socks5 proxy.
Thanks, please let me know if there's any more information I should include to help with figuring this out.
Alex Gottschalk