Hi Peter, this is exactly what I needed, it works great!
Thanks a lot for your help My best D.
On Mon, May 11, 2020 at 8:59 PM Peter Pentchev roam@ringlet.net wrote:
On Mon, May 11, 2020 at 02:55:35PM -0400, Christopher Schultz wrote:
Daniele,
On 5/11/20 10:53, Daniele Basaldella wrote:
Dear group, I've to configure a couple of tunneled connections (call them TC1 and TC2), client side, on a linux system. The target of both such connections is the same (destination ip and
port
are the same, call it DST). At source side (my server) I have a two IP addresses (call them IP1 and IP2) assigned and currently working to its unique NIC. I normally use iptables SNAT to split the traffic between IP1 and IP2 depending on destination addresses but in this case I've to distinguish it at application level (TC1 and TC2). I'd like to get TC1 to set the outgoing traffic with source address IP1 and TC2 to set outgoing traffic with source address IP2.
Tunnel Tunnel Client ServerTC1: IP1 --\ >--> DST TC2: IP2 --/
I'm thinking to set one entry in stunnel.conf for each TC1 and TC2 and use *transparent* = source clause to set the source address but it seems my case is not so common and I didn't find documentation. Please could you suggest a solution.
If it's important for you to set the outgoing interface, then you should use:
local=IP1
in your config for the tunnel definition.
I believe Daniele's main point was the desire to avoid having two sections in the stunnel config, one with accept=IP1 and local=IP1 and one with IP2. Whether it can be done with transparent proxying is something I've never tried, so I don't feel qualified to answer.
G'luck, Peter
-- Peter Pentchev roam@ringlet.net roam@debian.org pp@storpool.com PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint 2EE7 A7A5 17FC 124C F115 C354 651E EFB0 2527 DF13 _______________________________________________ stunnel-users mailing list stunnel-users@stunnel.org https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users