I sent an email last week for help with a stunnel setup. I am attempting to send syslog messages via a Snare agent through stunnel to a Fedora Core 4 box with syslog-ng installed. I have been able to get one machine out of 4 to successfully log to the Fedora box. I set these boxes up the same way and I am confused as to why one is working and the others aren't.
This is my stunnel.conf file for the clients

    cert = C:\bin\stunnel\syslog-ng-server.pem
    CAfile = c:\bin\stunnel\syslog-ng-client.pem
    verify = 3
    [5140]
    accept = 127.0.0.1:514
    connect = 192.168.185.60:5140

This is my stunnel.conf file for the server

    cert = /etc/stunnel/syslog-ng-server.pem
    CAfile = /etc/stunnel/syslog-ng-client.pem
    verify = 3
    [5140]
    accept = 192.168.185.60:5140
    connect = 127.0.0.1:514

This is my syslog-ng.conf file on the server

    options {
        sync (0);
        time_reopen (10);
        log_fifo_size (1000);
        long_hostnames (off);
        use_dns (no);
        use_fqdn (no);
        create_dirs (no);
        keep_hostname (yes);
    };

    source s_sys {
        file ("/proc/kmsg" log_prefix("kernel: "));
        unix-stream ("/dev/log");
        internal();
        udp(ip(0.0.0.0) port(514));
        tcp(ip(0.0.0.0) port(514));
    };

    destination d_cons { file("/dev/console"); };
    destination d_mesg { file("/var/log/messages"); };
    destination d_auth { file("/var/log/secure"); };

The snare agents are configured to send logs to 127.0.0.1 514.
Any thoughts or ideas would be great.

Sincerely,
Anthony
-----Original Message-----
From: Michal Trojnara [mailto:Michal.Trojnara@mobi-com.net]
Sent: Tuesday, February 07, 2006 1:03 AM
To: stunnel-users@mirt.net
Subject: RE: [stunnel-users] stunnel closing connections with RST ?
sergei wrote:
Is there any way to make stunnel without "client = yes" close connection "normal way" with FIN instead of RST ?
Stunnel resets connections for a reason. Probably it was reset by the other peer. Check your stunnel log files for details.
Best regards,
Mike

_______________________________________________
stunnel-users mailing list
stunnel-users@mirt.net
http://stunnel.mirt.net/mailman/listinfo/stunnel-users
I'd say drop "verify=3" and see if it works. If it does - look into your certificates. Only 1 host has correct certificate.
On 2/7/06, Anthony Cicalla <Anthony.Cicalla@bankserv.com> wrote:

I sent an email last week for help with a stunnel setup. I am attempting to send syslog messages via a Snare agent through stunnel to a Fedora Core 4 box with syslog-ng installed. I have been able to get one machine out of 4 to successfully log to the Fedora box. I set these boxes up the same way and I am confused as to why one is working and the others aren't.
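
The certificate check suggested in the reply above, sketched as an added example that is not part of the thread or of stunnel itself: with verify = 3 the peer's certificate has to be installed locally, so the script reports which hosts' certificates are absent from the other side's CAfile. Host names and PEM contents are constructed placeholders, and it assumes each host's .pem lists its own certificate first; it tests presence only, not chain validity.

```python
import base64
import hashlib
import re

# Matches only CERTIFICATE blocks, so a private key kept in the same .pem is skipped.
PEM_CERT = re.compile(
    r"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", re.S)

def cert_fingerprints(pem_text):
    """SHA-256 fingerprints of the certificates in a PEM file, in file order."""
    prints = []
    for body in PEM_CERT.findall(pem_text):
        der = base64.b64decode("".join(body.split()))
        prints.append(hashlib.sha256(der).hexdigest())
    return prints

def unpinned_hosts(cafile_pem, host_pems):
    """Hosts whose own certificate is missing from the peer's CAfile.

    Under verify = 3 the peer is checked against locally installed
    certificates, so each host returned here fails the handshake.
    """
    pinned = set(cert_fingerprints(cafile_pem))
    missing = []
    for host, pem in sorted(host_pems.items()):
        own = cert_fingerprints(pem)
        # Assumption: the first certificate in the file is the host's own.
        if not own or own[0] not in pinned:
            missing.append(host)
    return missing

def _fake_pem(label, payload):
    """Constructed stand-in for a PEM block; payload is not a real certificate."""
    b64 = base64.encodebytes(payload).decode()
    return f"-----BEGIN {label}-----\n{b64}-----END {label}-----\n"

# Constructed sample: four hypothetical clients, only client1 pinned on the server.
HOSTS = {
    f"client{i}": _fake_pem("RSA PRIVATE KEY", b"key%d" % i)
                  + _fake_pem("CERTIFICATE", b"cert%d" % i)
    for i in range(1, 5)
}
SERVER_CAFILE = _fake_pem("CERTIFICATE", b"cert1")

if __name__ == "__main__":
    for host in unpinned_hosts(SERVER_CAFILE, HOSTS):
        print(f"{host}: certificate not in server CAfile; verify = 3 rejects it")
```

Run it in both directions: each client's certificate against the server's CAfile, and the server's certificate against each client's CAfile, since both configurations set verify = 3.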