Connection refused, then connects
Can anyone tell me why It tries ::1:25 first and fails before connecting to 127.0.0.1:25? 2019.05.17 13:48:34 LOG5[21]: Service [ssmtp465] accepted connection from ::ffff:192.168.1.76:49170 2019.05.17 13:48:34 LOG3[21]: s_connect: connect ::1:25: Connection refused (61) 2019.05.17 13:48:34 LOG5[21]: s_connect: connected 127.0.0.1:25 2019.05.17 13:48:34 LOG5[21]: Service [ssmtp465] connected remote server from 127.0.0.1:56701 /usr/local/etc/stunnel/stunnel.conf has: [ssmtp465] client = no accept = 465 connect = 25 options = NO_SSLv2 #transparent = source [ssmtp587] client = no accept = 587 connect = 127.0.0.1:25 options = NO_SSLv2 #transparent = source Not sure if this is relevant, but when I startup I get: 2019.05.17 12:45:27 LOG5[ui]: stunnel 5.53 on x86_64-apple-darwin18.5.0 platform 2019.05.17 12:45:27 LOG5[ui]: Compiled/running with OpenSSL 1.0.2r 26 Feb 2019 2019.05.17 12:45:27 LOG5[ui]: Threading:PTHREAD Sockets:POLL,IPv6 TLS:ENGINE,FIPS,OCSP,PSK,SNI 2019.05.17 12:45:27 LOG5[ui]: Reading configuration from file /usr/local/etc/stunnel/stunnel.conf 2019.05.17 12:45:27 LOG5[ui]: UTF-8 byte order mark detected 2019.05.17 12:45:27 LOG5[ui]: FIPS mode disabled 2019.05.17 12:45:27 LOG4[ui]: Insecure file permissions on /usr/local/etc/dovecot/mail.bordo.com.au.pem 2019.05.17 12:45:27 LOG4[ui]: Insecure file permissions on /usr/local/etc/dovecot/mail.bordo.com.au.pem 2019.05.17 12:45:27 LOG5[ui]: Configuration successful 2019.05.17 12:45:27 LOG5[ui]: Binding service [ssmtp465] to 0.0.0.0:465: Address already in use (48) 2019.05.17 12:45:27 LOG5[ui]: Binding service [ssmtp587] to 0.0.0.0:587: Address already in use (48) No idea what is already using those ports. Any suggestions? macOS 10.14.4 Thanks, James.
On Fri, May 17, 2019 at 01:54:47PM +1000, James Brown wrote:
Can anyone tell me why It tries ::1:25 first and fails before connecting to 127.0.0.1:25?
2019.05.17 13:48:34 LOG5[21]: Service [ssmtp465] accepted connection from ::ffff:192.168.1.76:49170 2019.05.17 13:48:34 LOG3[21]: s_connect: connect ::1:25: Connection refused (61) 2019.05.17 13:48:34 LOG5[21]: s_connect: connected 127.0.0.1:25 2019.05.17 13:48:34 LOG5[21]: Service [ssmtp465] connected remote server from 127.0.0.1:56701
/usr/local/etc/stunnel/stunnel.conf has:
[ssmtp465] client = no accept = 465 connect = 25 options = NO_SSLv2 #transparent = source
You have specified only a port number, not an address; thus, stunnel assumes the local host address. You have not explicitly told it to only use IPv4 addresses, so it tries the IPv6 local host address (::1) first; when that fails, it falls back to the IPv4 local host address (127.0.0.1). If you change the line to "connect = 127.0.0.1:25" like for your other service, it will go straight to the IPv4 local host address. Hope that helps! G'luck, Peter -- Peter Pentchev roam@{ringlet.net,debian.org,FreeBSD.org} pp@storpool.com PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint 2EE7 A7A5 17FC 124C F115 C354 651E EFB0 2527 DF13
And in addition, if you want to know which service is already listening to a port, you can use: sudo lsof -nP -iTCP:465 -sTCP:LISTEN On Fri, May 17, 2019 at 9:07 AM Peter Pentchev <roam@ringlet.net> wrote:
On Fri, May 17, 2019 at 01:54:47PM +1000, James Brown wrote:
Can anyone tell me why It tries ::1:25 first and fails before connecting to 127.0.0.1:25?
2019.05.17 13:48:34 LOG5[21]: Service [ssmtp465] accepted connection from ::ffff:192.168.1.76:49170 2019.05.17 13:48:34 LOG3[21]: s_connect: connect ::1:25: Connection refused (61) 2019.05.17 13:48:34 LOG5[21]: s_connect: connected 127.0.0.1:25 2019.05.17 13:48:34 LOG5[21]: Service [ssmtp465] connected remote server from 127.0.0.1:56701
/usr/local/etc/stunnel/stunnel.conf has:
[ssmtp465] client = no accept = 465 connect = 25 options = NO_SSLv2 #transparent = source
You have specified only a port number, not an address; thus, stunnel assumes the local host address. You have not explicitly told it to only use IPv4 addresses, so it tries the IPv6 local host address (::1) first; when that fails, it falls back to the IPv4 local host address (127.0.0.1).
If you change the line to "connect = 127.0.0.1:25" like for your other service, it will go straight to the IPv4 local host address.
Hope that helps!
G'luck, Peter
-- Peter Pentchev roam@{ringlet.net,debian.org,FreeBSD.org} pp@storpool.com PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint 2EE7 A7A5 17FC 124C F115 C354 651E EFB0 2527 DF13 _______________________________________________ stunnel-users mailing list stunnel-users@stunnel.org https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
On 17 May 2019, at 5:07 pm, Peter Pentchev <roam@ringlet.net> wrote:
On Fri, May 17, 2019 at 01:54:47PM +1000, James Brown wrote:
Can anyone tell me why It tries ::1:25 first and fails before connecting to 127.0.0.1:25?
2019.05.17 13:48:34 LOG5[21]: Service [ssmtp465] accepted connection from ::ffff:192.168.1.76:49170 2019.05.17 13:48:34 LOG3[21]: s_connect: connect ::1:25: Connection refused (61) 2019.05.17 13:48:34 LOG5[21]: s_connect: connected 127.0.0.1:25 2019.05.17 13:48:34 LOG5[21]: Service [ssmtp465] connected remote server from 127.0.0.1:56701
/usr/local/etc/stunnel/stunnel.conf has:
[ssmtp465] client = no accept = 465 connect = 25 options = NO_SSLv2 #transparent = source
You have specified only a port number, not an address; thus, stunnel assumes the local host address. You have not explicitly told it to only use IPv4 addresses, so it tries the IPv6 local host address (::1) first; when that fails, it falls back to the IPv4 local host address (127.0.0.1).
If you change the line to "connect = 127.0.0.1:25" like for your other service, it will go straight to the IPv4 local host address.
Hope that helps!
G'luck, Peter
Perfect, that worked - Thanks Peter (Obvious now that I think of it!) James.
participants (3)
-
Flo Rance -
James Brown -
Peter Pentchev