I am totally new to stunnel and am quite confused. I use Ubuntu 10.04 and have installed the stunnel4 deb package. I need to do a couple of things. At boot up I need to accept ssl connections on an inbound port and forward it to a non-ssl compliant app listening on another port. The second thing I need to do is make an ssl required connection to a pop server on another host out of a non-ssl mail client on the local machine. I have no problem with the ports, port forwarding, etc. I just do not know how to set up stunnel to accomplish this.
Let's just use this as an example:
1. I need to accept inbound ssl connections on 995 (port 995 is open) and send them to the local machine non-ssl client listening on 2995.
2. I need to ssl connect to pop.gmail.com:995 via a non-ssl mail client on the local machine and I want the mail client to connect to stunnel on port 3995.
3. I need both of these scenarios to start at boot up.
I don't even know where to start with stunnel4 to do this. Actually I can set up stunnel.conf for either but one's a server operation and the other is a client operation and can't get them both to work simultaneously. To start stunnel at boot up I simply edited /etc/default/stunnel and /etc/init.d/stunnel4 and changed ENABLED=0 to ENABLED=1 in both files. Something tells me this is entirely the wrong way to do what I want to do. It works for either the client task or the server task, depending on which one I have enabled in stunnel.conf but I just know this is not how I am supposed to be doing it.
Will someone help?
On 02/20/2011 10:26 AM, Traps wrote:
> I am totally new to stunnel and am quite confused. I use Ubuntu 10.04 and have installed the stunnel4 deb package. I need to do a couple of things. At boot up I need to accept ssl connections on an inbound port and forward it to a non-ssl compliant app listening on another port. The second thing I need to do is make an ssl required connection to a pop server on another host out of a non-ssl mail client on the local machine. I have no problem with the ports, port forwarding, etc. I just do not know how to set up stunnel to accomplish this.
> Let's just use this as an example:
> - I need to accept inbound ssl connections on 995 (port 995 is open) and
> send them to the local machine non-ssl client listening on 2995.
> - I need to ssl connect to pop.gmail.com:995 via a non-ssl mail client on
> the local machine and I want the mail client to connect to stunnel on port 3995.
> - I need both of these scenarios to start at boot up.
> I don't even know where to start with stunnel4 to do this. Actually I can set up stunnel.conf for either but one's a server operation and the other is a client operation and can't get them both to work simultaneously. To start stunnel at boot up I simply edited /etc/default/stunnel and /etc/init.d/stunnel4 and changed ENABLED=0 to ENABLED=1 in both files. Something tells me this is entirely the wrong way to do what I want to do. It works for either the client task or the server task, depending on which one I have enabled in stunnel.conf but I just know this is not how I am supposed to be doing it.
> Will someone help?
Perhaps I've resolved my own problem. I created a .config for my server mode and another for my client mode in /etc/stunnel.
I also changed /etc/init.d/stunnel4 back to ENABLED=0.
I also note a typo in my first post. The other file I edited was /etc/default/stunnel4 rather than /etc/default/stunnel. I left ENABLED=1 as is in that file. I don't know if what I have done is correct but my logs are showing successful connects to both my server configurations and my client configurations.
I am baffled by one thing though. I note that when running one config file I have 6 stunnel4 processes showing in my System Monitor and when I run both config files I have 12 processes. Is this normal for some reason???
Traps
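
For reference, the two tunnels described in this thread can also be written as two service sections of one stunnel 4.x configuration file, because `client = yes` is a per-service option. This is an added example, not a configuration posted in the thread; the service names and the certificate path are assumptions, and global options (pid file, user, chroot) are left as in the packaged sample file.

```ini
; Added example: service sections only. Names in [brackets] and the
; cert path are placeholders, not values from the thread.
; stunnel does not accept trailing comments, so each comment sits on
; its own line.

; Server mode: accept TLS on 995 and hand the decrypted stream to the
; non-SSL application listening locally on 2995.
[pop3s-in]
accept = 995
connect = 127.0.0.1:2995
; PEM file holding the server certificate and its private key.
; Keep it readable by root only (chmod 600).
cert = /etc/stunnel/server.pem

; Client mode: the local mail client talks plaintext to 3995 and
; stunnel wraps the connection in TLS towards the POP server.
[pop3s-out]
client = yes
; Bind the plaintext listener to loopback so that other hosts cannot
; reach the unencrypted side of the tunnel.
accept = 127.0.0.1:3995
connect = pop.gmail.com:995
; Without verification stunnel accepts any certificate the peer
; presents. verify = 2 requires a chain to a CA in CAfile. It does
; not compare the host name; the checkHost option for that is only
; available in later stunnel 5.x releases.
verify = 2
CAfile = /etc/ssl/certs/ca-certificates.crt
```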