In your before setting, your client should have been to connect to your test server:
[jdbc] client = yes accept = 127.0.0.1:2404 connect=my_server_name:2404
In your after setting, the accept and connect ports cannot be the same port.
On 4/9/2015 10:51 AM, daninho dj wrote:
Hi Jose,
Thanks for mail. The problem is that when I change the accept port on the server, stunnel doesn't start:
*Before:*
_Server:_
[test] accept = 2404 connect = 2406
_Client:_
[jdbc] client = yes accept = 127.0.0.1:2404 http://127.0.0.1:2404 connect = /my_server_name/:2406
*After:*
I edited the stunnel.conf on the server:
[test] accept = 2406 connect = 2406
Then trying to start the service:
*/etc/init.d/stunnel start* *Starting stunnel (SSL tunnel) startproc: exit status of parent of /usr/sbin/stunnel: 1*
- please see /var/log/rc.stunnel.log for details failed*
/var/log/rc.stunnel.log is empty but in the log specified in the stunnel.conf I have the following:
tail -10 /var/log/stunnel/stunnel.log 2015.04.09 16:42:36 LOG5[22524:139805264570112]: Threading:PTHREAD SSL:ENGINE Sockets:POLL,IPv6 Auth:LIBWRAP 2015.04.09 16:42:36 LOG6[22524:139805264570112]: file ulimit = 262144 (can be changed with 'ulimit -n') 2015.04.09 16:42:36 LOG6[22524:139805264570112]: poll() used - no FD_SETSIZE limit for file descriptors 2015.04.09 16:42:36 LOG5[22524:139805264570112]: 128000 clients allowed 2015.04.09 16:42:36 LOG7[22524:139805264570112]: FD 10 in non-blocking mode 2015.04.09 16:42:36 LOG7[22524:139805264570112]: FD 11 in non-blocking mode 2015.04.09 16:42:36 LOG7[22524:139805264570112]: FD 12 in non-blocking mode 2015.04.09 16:42:36 LOG7[22524:139805264570112]: SO_REUSEADDR option set on accept socket 2015.04.09 16:42:36 LOG3[22524:139805264570112]: Error binding test to 0.0.0.0:2406 http://0.0.0.0:2406 2015.04.09 16:42:36 LOG3[22524:139805264570112]: bind: Address already in use (98)
Same thing happens when I try to change the ports on the client. Any idea how this problem can be solved?
Thanks and regards, Daninho
On Thu, Apr 9, 2015 at 4:12 PM, <josealf@rocketmail.com mailto:josealf@rocketmail.com> wrote:
The accept port on the server Config must be the same as the connect port on the client config. The connect port on the server must be the port used by the application/service you try to secure, usually bound to the loopback interfase, as you probably don't want to allow unsecure connections. On the client the accept port is the port your client application will connect to. Hope this helps to clarify a bit. Regards -----Original Message----- From: daninho dj <daninho.dj@gmail.com <mailto:daninho.dj@gmail.com>> Sender: "stunnel-users" <stunnel-users-bounces@stunnel.org <mailto:stunnel-users-bounces@stunnel.org>> Date: Thu, 9 Apr 2015 14:28:25 To: <stunnel-users@stunnel.org <mailto:stunnel-users@stunnel.org>> Subject: [stunnel-users] Session is active but I cannot connect _______________________________________________ stunnel-users mailing list stunnel-users@stunnel.org <mailto:stunnel-users@stunnel.org> https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users-- daninho http://daninhodj.com
stunnel-users mailing list stunnel-users@stunnel.org https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users