Hello,
I've installed stunnel-4.56-6.el7.x86_64 on my Centos 7. I can't establish a connection. Seems to be something wrong with the name resolution, because if I use the IP derect, the tunnel works.
Feb 12 11:58:00 server stunnel[52445]: LOG7[52445:139984526436416]: Service [cs] accepted (FD=3) from 127.0.0.1:10866 Feb 12 11:58:00 server stunnel[52445]: LOG7[52445:139984526432000]: Service [cs] started Feb 12 11:58:00 server stunnel[52445]: LOG7[52445:139984526432000]: Waiting for a libwrap process Feb 12 11:58:00 server stunnel[52445]: LOG7[52445:139984526432000]: Acquired libwrap process #0 Feb 12 11:58:00 server stunnel[52445]: LOG7[52445:139984526432000]: Releasing libwrap process #0 Feb 12 11:58:00 server stunnel[52445]: LOG7[52445:139984526432000]: Released libwrap process #0 Feb 12 11:58:00 server stunnel[52445]: LOG7[52445:139984526432000]: Service [cs] permitted by libwrap from 127.0.0.1:10866 Feb 12 11:58:00 server stunnel[52445]: LOG5[52445:139984526432000]: Service [cs] accepted connection from 127.0.0.1:10866 Feb 12 11:58:00 server stunnel[52445]: LOG3[52445:139984526432000]: Error resolving 'foobar.remote.site': System error returned in errno (EAI_SYSTEM) Feb 12 11:58:00 server stunnel[52445]: LOG3[52445:139984526432000]: No host resolved Feb 12 11:58:00 server stunnel[52445]: LOG5[52445:139984526432000]: Connection reset: 0 byte(s) sent to SSL, 0 byte(s) sent to socket Feb 12 11:58:00 server stunnel[52445]: LOG7[52445:139984526432000]: Local socket (FD=3) closed Feb 12 11:58:00 server stunnel[52445]: LOG7[52445:139984526432000]: Service [cs] finished (0 left)
stunnel.conf: socket = r:TCP_NODELAY=1 socket = l:TCP_NODELAY=1 options = CIPHER_SERVER_PREFERENCE TIMEOUTclose = 0 sslVersion = TLSv1 options = NO_SSLv2 options = NO_SSLv3 client = yes options = DONT_INSERT_EMPTY_FRAGMENTS cert = /etc/stunnel/stunnel.pem key = /etc/stunnel/stunnel.pem debug = 7 chroot = /var/run/stunnel setuid = stunnel setgid = stunnel pid = /stunnel.pid fips = no [srvice] accept = 63123 connect = foobar.remote.site:63123 delay = yes
Any suggestions are very welcome!
Thanks in advance Tom