Follow-up on FreeBSD: the traffic and syndrome look like:
With stunnel's transparent option set, traffic looks like:
19:31:34.162337 IP 192.168.103.69.52671 > 127.0.0.1.80: Flags [S], seq 2050938762, win 65535, options [mss 16344,nop,wscale 3,sackOK,TS val 7437993 ecr 0], length 0
19:31:37.153079 IP 192.168.103.69.52671 > 127.0.0.1.80: Flags [S], <snip>..
19:31:40.351804 IP 192.168.103.69.52671 > 127.0.0.1.80: Flags [S], <snip> ..
19:31:43.550543 IP 192.168.103.69.52671 > 127.0.0.1.80: Flags [S], seq 2050938762, win 65535, options [mss 16344,sackOK,eol], length 0
...
2011.01.07 19:32:55 LOG7[6662:34378629568]: Service ssh_proxy accepted FD=13 from 192.168.103.69:52673
2011.01.07 19:32:55 LOG7[6662:34379125184]: Service ssh_proxy started
2011.01.07 19:32:55 LOG7[6662:34379125184]: FD=13 in non-blocking mode
2011.01.07 19:32:55 LOG7[6662:34379125184]: Option TCP_NODELAY set on local socket
2011.01.07 19:32:55 LOG7[6662:34379125184]: Waiting for a libwrap process
2011.01.07 19:32:55 LOG7[6662:34379125184]: Acquired libwrap process #0
2011.01.07 19:32:55 LOG7[6662:34379125184]: Releasing libwrap process #0
2011.01.07 19:32:55 LOG7[6662:34379125184]: Released libwrap process #0
2011.01.07 19:32:55 LOG7[6662:34379125184]: Service ssh_proxy permitted by libwrap from 192.168.103.69:52673
2011.01.07 19:32:55 LOG5[6662:34379125184]: Service ssh_proxy accepted connection from 192.168.103.69:52673
2011.01.07 19:32:55 LOG7[6662:34379125184]: SSL state (accept): before/accept initialization
2011.01.07 19:32:55 LOG7[6662:34379125184]: SSL state (accept): SSLv3 read client hello A
2011.01.07 19:32:55 LOG7[6662:34379125184]: SSL state (accept): SSLv3 write server hello A
2011.01.07 19:32:55 LOG7[6662:34379125184]: SSL state (accept): SSLv3 write certificate A
2011.01.07 19:32:55 LOG7[6662:34379125184]: SSL state (accept): SSLv3 write server done A
2011.01.07 19:32:55 LOG7[6662:34379125184]: SSL state (accept): SSLv3 flush data
2011.01.07 19:32:55 LOG7[6662:34379125184]: SSL state (accept): SSLv3 read client key exchange A
2011.01.07 19:32:55 LOG7[6662:34379125184]: SSL state (accept): SSLv3 read finished A
2011.01.07 19:32:55 LOG7[6662:34379125184]: SSL state (accept): SSLv3 write change cipher spec A
2011.01.07 19:32:55 LOG7[6662:34379125184]: SSL state (accept): SSLv3 write finished A
2011.01.07 19:32:55 LOG7[6662:34379125184]: SSL state (accept): SSLv3 flush data
2011.01.07 19:32:55 LOG7[6662:34379125184]: 1 items in the session cache
2011.01.07 19:32:55 LOG7[6662:34379125184]: 0 client connects (SSL_connect())
2011.01.07 19:32:55 LOG7[6662:34379125184]: 0 client connects that finished
2011.01.07 19:32:55 LOG7[6662:34379125184]: 0 client renegotiations requested
2011.01.07 19:32:55 LOG7[6662:34379125184]: 1 server connects (SSL_accept())
2011.01.07 19:32:55 LOG7[6662:34379125184]: 1 server connects that finished
2011.01.07 19:32:55 LOG7[6662:34379125184]: 0 server renegotiations requested
2011.01.07 19:32:55 LOG7[6662:34379125184]: 0 session cache hits
2011.01.07 19:32:55 LOG7[6662:34379125184]: 0 external session cache hits
2011.01.07 19:32:55 LOG7[6662:34379125184]: 0 session cache misses
2011.01.07 19:32:55 LOG7[6662:34379125184]: 0 session cache timeouts
2011.01.07 19:32:55 LOG6[6662:34379125184]: SSL accepted: new session negotiated
2011.01.07 19:32:55 LOG6[6662:34379125184]: Negotiated ciphers: AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
2011.01.07 19:32:55 LOG7[6662:34379125184]: FD=14 in non-blocking mode
2011.01.07 19:32:55 LOG6[6662:34379125184]: connect_blocking: connecting 127.0.0.1:80
2011.01.07 19:32:55 LOG5[6662:34379125184]: connect_blocking: connected 127.0.0.1:80
2011.01.07 19:32:55 LOG5[6662:34379125184]: Service ssh_proxy connected remote server from 127.0.0.1:30326
2011.01.07 19:32:55 LOG7[6662:34379125184]: Remote FD=14 initialized
2011.01.07 19:32:55 LOG7[6662:34379125184]: Option TCP_NODELAY set on remote socket
2011.01.07 19:32:58 LOG7[6662:34379125184]: SSL socket closed on SSL_read
2011.01.07 19:32:58 LOG7[6662:34379125184]: Socket write shutdown
2011.01.07 19:32:58 LOG5[6662:34379125184]: Connection closed: 0 bytes sent to SSL, 0 bytes sent to socket
2011.01.07 19:32:58 LOG7[6662:34379125184]: Service ssh_proxy finished (0 left)
Without transparent, traffic flows fine, and looks like:
19:32:55.883404 IP 127.0.0.1.30326 > 127.0.0.1.80: Flags [S], seq 2147354729, win 65535, options [mss 16344,nop,wscale 3,sackOK,TS val 7446169 ecr 0], length 0
19:32:55.883575 IP 127.0.0.1.80 > 127.0.0.1.30326: Flags [S.], seq 2770470513, ack 2147354730, win 65535, options [mss 16344,nop,wscale 3,sackOK,TS val 1229815108 ecr 7446169], length 0
19:32:55.883589 IP 127.0.0.1.30326 > 127.0.0.1.80: Flags [.], ack 1, win 8960, options [nop,nop,TS val 7446169 ecr 1229815108], length 0