[stunnel-users] stunnel and pan newsreader configuration

I am attempting to use stunnel to connect securely to a snntp server using pan 0.132.

The stunnel install was successful, but when attempting to connect to the server using pan, I either receive a "connection refused" or "connection reset by peer" in the pan error log.

Here is the stunnel.log:

2007.10.13 11:16:43 LOG5[5843:3082667712]: stunnel 4.20 on i686-pc-linux-gnu with OpenSSL 0.9.8e 23 Feb 2007 2007.10.13 11:16:43 LOG5[5843:3082667712]: Threading:PTHREAD SSL:ENGINE Sockets:POLL,IPv4 Auth:LIBWRAP 2007.10.13 11:16:43 LOG6[5843:3082667712]: file ulimit = 1024 (can be changed with 'ulimit -n') 2007.10.13 11:16:43 LOG6[5843:3082667712]: poll() used - no FD_SETSIZE limit for file descriptors 2007.10.13 11:16:43 LOG5[5843:3082667712]: 500 clients allowed 2007.10.13 11:16:43 LOG7[5843:3082667712]: FD 4 in non-blocking mode 2007.10.13 11:16:43 LOG7[5843:3082667712]: FD 5 in non-blocking mode 2007.10.13 11:16:43 LOG7[5843:3082667712]: FD 6 in non-blocking mode 2007.10.13 11:16:43 LOG7[5843:3082667712]: SO_REUSEADDR option set on accept socket 2007.10.13 11:16:43 LOG7[5843:3082667712]: NNTP bound to 127.0.0.1:23 2007.10.13 11:16:43 LOG7[5843:3082667712]: Created pid file /home/kpanic/download/stunnel//var/run/stunnel/stunnel.pid 2007.10.13 11:17:00 LOG7[5843:3082667712]: NNTP accepted FD=7 from 127.0.0.1:1085 2007.10.13 11:17:00 LOG7[5843:3085958032]: NNTP started 2007.10.13 11:17:00 LOG7[5843:3085958032]: FD 7 in non-blocking mode 2007.10.13 11:17:00 LOG7[5843:3085958032]: FD 8 in non-blocking mode 2007.10.13 11:17:00 LOG7[5843:3085958032]: FD 9 in non-blocking mode 2007.10.13 11:17:00 LOG7[5843:3082667712]: Cleaning up the signal pipe 2007.10.13 11:17:00 LOG6[5843:3082667712]: Child process 5855 finished with code 0 2007.10.13 11:17:00 LOG7[5843:3085958032]: Connection from 127.0.0.1:1085 permitted by libwrap 2007.10.13 11:17:00 LOG5[5843:3085958032]: NNTP accepted connection from 127.0.0.1:1085 2007.10.13 11:17:00 LOG7[5843:3085958032]: FD 8 in non-blocking mode 2007.10.13 11:17:00 LOG3[5843:3085958032]: bind transparent: Address already in use (98) 2007.10.13 11:17:00 LOG5[5843:3085958032]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket 2007.10.13 11:17:00 LOG7[5843:3085958032]: NNTP finished (0 left) 2007.10.13 11:17:00 LOG7[5843:3082667712]: NNTP accepted FD=7 from 127.0.0.1:1086 2007.10.13 11:17:00 LOG7[5843:3085958032]: NNTP started 2007.10.13 11:17:00 LOG7[5843:3085958032]: FD 7 in non-blocking mode 2007.10.13 11:17:00 LOG7[5843:3085958032]: FD 8 in non-blocking mode 2007.10.13 11:17:00 LOG7[5843:3085958032]: FD 9 in non-blocking mode 2007.10.13 11:17:00 LOG7[5843:3082667712]: Cleaning up the signal pipe 2007.10.13 11:17:00 LOG7[5843:3085958032]: Connection from 127.0.0.1:1086 permitted by libwrap 2007.10.13 11:17:00 LOG5[5843:3085958032]: NNTP accepted connection from 127.0.0.1:1086 2007.10.13 11:17:00 LOG6[5843:3082667712]: Child process 5857 finished with code 0 2007.10.13 11:17:00 LOG7[5843:3085958032]: FD 8 in non-blocking mode 2007.10.13 11:17:00 LOG3[5843:3085958032]: bind transparent: Address already in use (98) 2007.10.13 11:17:00 LOG5[5843:3085958032]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket 2007.10.13 11:17:00 LOG7[5843:3085958032]: NNTP finished (0 left) 2007.10.13 11:17:05 LOG7[5843:3082667712]: NNTP accepted FD=7 from 127.0.0.1:1087 2007.10.13 11:17:05 LOG7[5843:3085958032]: NNTP started 2007.10.13 11:17:05 LOG7[5843:3085958032]: FD 7 in non-blocking mode 2007.10.13 11:17:05 LOG7[5843:3085958032]: FD 8 in non-blocking mode 2007.10.13 11:17:05 LOG7[5843:3085958032]: FD 9 in non-blocking mode 2007.10.13 11:17:05 LOG7[5843:3082667712]: Cleaning up the signal pipe 2007.10.13 11:17:05 LOG7[5843:3085958032]: Connection from 127.0.0.1:1087 permitted by libwrap 2007.10.13 11:17:05 LOG5[5843:3085958032]: NNTP accepted connection from 127.0.0.1:1087 2007.10.13 11:17:05 LOG6[5843:3082667712]: Child process 5860 finished with code 0 2007.10.13 11:17:05 LOG7[5843:3085958032]: FD 8 in non-blocking mode 2007.10.13 11:17:05 LOG3[5843:3085958032]: bind transparent: Address already in use (98) 2007.10.13 11:17:05 LOG5[5843:3085958032]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket 2007.10.13 11:17:05 LOG7[5843:3085958032]: NNTP finished (0 left) 2007.10.13 11:17:10 LOG7[5843:3082667712]: NNTP accepted FD=7 from 127.0.0.1:1088 2007.10.13 11:17:10 LOG7[5843:3085958032]: NNTP started 2007.10.13 11:17:10 LOG7[5843:3085958032]: FD 7 in non-blocking mode 2007.10.13 11:17:10 LOG7[5843:3085958032]: FD 8 in non-blocking mode 2007.10.13 11:17:10 LOG7[5843:3085958032]: FD 9 in non-blocking mode 2007.10.13 11:17:10 LOG7[5843:3082667712]: Cleaning up the signal pipe 2007.10.13 11:17:10 LOG7[5843:3085958032]: Connection from 127.0.0.1:1088 permitted by libwrap 2007.10.13 11:17:10 LOG5[5843:3085958032]: NNTP accepted connection from 127.0.0.1:1088 2007.10.13 11:17:10 LOG6[5843:3082667712]: Child process 5863 finished with code 0 2007.10.13 11:17:10 LOG7[5843:3085958032]: FD 8 in non-blocking mode 2007.10.13 11:17:10 LOG3[5843:3085958032]: bind transparent: Address already in use (98) 2007.10.13 11:17:10 LOG5[5843:3085958032]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket 2007.10.13 11:17:10 LOG7[5843:3085958032]: NNTP finished (0 left) 2007.10.13 11:17:15 LOG7[5843:3082667712]: NNTP accepted FD=7 from 127.0.0.1:1089 2007.10.13 11:17:15 LOG7[5843:3085958032]: NNTP started 2007.10.13 11:17:15 LOG7[5843:3085958032]: FD 7 in non-blocking mode 2007.10.13 11:17:15 LOG7[5843:3085958032]: FD 8 in non-blocking mode 2007.10.13 11:17:15 LOG7[5843:3085958032]: FD 9 in non-blocking mode 2007.10.13 11:17:15 LOG7[5843:3082667712]: Cleaning up the signal pipe 2007.10.13 11:17:15 LOG7[5843:3085958032]: Connection from 127.0.0.1:1089 permitted by libwrap 2007.10.13 11:17:15 LOG5[5843:3085958032]: NNTP accepted connection from 127.0.0.1:1089 2007.10.13 11:17:15 LOG7[5843:3085958032]: FD 8 in non-blocking mode 2007.10.13 11:17:15 LOG6[5843:3082667712]: Child process 5866 finished with code 0 2007.10.13 11:17:15 LOG3[5843:3085958032]: bind transparent: Address already in use (98) 2007.10.13 11:17:15 LOG5[5843:3085958032]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket 2007.10.13 11:17:15 LOG7[5843:3085958032]: NNTP finished (0 left)

Here is the snnt.conf file:

# Debug debug = 7 output = /home/kpanic/download/stunnel/stunnel.log

# Use it for client mode client = yes foreground = yes

[NNTP] protocol = nntp protocolusername = username protocolpassword = password transparent = yes accept = localhost:23 connect = secure.server.com:563

Here is the pan error log:

Sat Oct 13 10:46:50 2007 - Error reading from localhost: Connection reset by peer Sat Oct 13 10:46:55 2007 - Error reading from localhost: Connection reset by peer Sat Oct 13 10:47:00 2007 - Error reading from localhost: Connection reset by peer Sat Oct 13 10:47:05 2007 - Error reading from localhost: Connection reset by peer Sat Oct 13 10:47:10 2007 - Error reading from localhost: Connection reset by peer

Changing the server setup in pan to look at 127.0.0.1

Sat Oct 13 10:45:40 2007 - Pan 0.132 started Sat Oct 13 10:45:40 2007 - Loaded data backend in 0.0 seconds Sat Oct 13 10:45:47 2007 - Error reading from 127.0.0.1: Connection reset by peer Sat Oct 13 10:45:50 2007 - Error reading from 127.0.0.1: Connection reset by peer Sat Oct 13 10:45:55 2007 - Error reading from 127.0.0.1: Connection reset by peer Sat Oct 13 10:46:00 2007 - Error reading from 127.0.0.1: Connection reset by peer

Pan configuration:

Address: localhost Port: 23 Username: username Password: password

uname -r 2.6.22.9-0.4-bigsmp

suse 10.3

Any assistance would be greatly appreciated.

Thanks - Tim

--------------------------------- Moody friends. Drama queens. Your life? Nope! - their life, your story. Play Sims Stories at Yahoo! Games.