Don Werve wrote:
I've tried the 'local = ' option and setting socket flags for 'l' and 'r', and while they don't break anything, I can't use them to force a connection from any other adapter, so I don't think they are doing what I need. This wouldn't be an issue, either, except I don't know how stunnel determines this, and I don't want to (at some point in the future) have things 'magically change' (read: break horribly).
Be default TCP connections are initiated using IP address of external interface as a source address. If your TCP SYN packet is going to be sent through eth2 interface it's source IP address will be equal to the IP of eth2 interface.
To change this default you can use "local = " option in the config file. The Fine Manual: http://stunnel.mirt.net/static/stunnel.html
Best regards, Mike