I have just started using Stunnel 4.04 with OpenSSL. This may seem a bit strange, but, I would like to configure Stunnel such that it will encrypt all my Ping packets. The reason in a nut shell is that I would like to use Ping to determine the network overhead added by SSL, as part of my research. How can I set up stunnel (i.e. stunnel.conf) to tunnel all ICMP (i.e. Ping) packets?
If you compare ICMP ECHO REQUEST/REPLY to Stunnel in any way then your research is useless. It's an apples to oranges comparison. You're comparing ICMP to TCP.
Better is to compare TCP to TCP. For example, create a client/server protocol as follows:
* The TCP connection is established. * The client sends one integer that is the length of the data, followed by the data itself. Call this a 'packet' if you will. * The server reads the integer, followed by the rest of the data, and sends that data back. * The client verifies the data was received correctly, and then procedes to send a new 'packet'.
Then you can implement this connection on its own, and then via Stunnel on both ends, and compare the results. Now you've got apples-to-apples comparison.
(Suggest you implement the server as an inetd-started application, and start it from Stunnel via the 'exec' option, to keep the extra cleartext TCP connection out of the mix.)
Side possibilities:
* Try alternate 'packet sizes' for comparison. * Try different crypto protocols for comparison.