Hi,
I am new to STUNNEL and I find it very useful for what I am doing right now. I would like to know if STUNNEL does support the functionality I require. I shall describe the situation below.
I run a SIP messaging server (SIP is a VoIP protocol used to establish voice calls over the Internet). STUNNEL is running on the same machine as the SIP server. The SIP server listens on a specific port, say 8000, so I have in the config file
[sip-new]
accept = 10000
connect = localhost:8000
and it works beautifully as the client sends the message through an SSL connection to port 10000 on the machine. So far so good.
Now I need the server to send a message to the client.
SIP server -----> STUNNEL ------> client
Here STUNNEL acts as an SSL client and the client acts as the SSL server (both the client and STUNNEL support this functionality), so in the config file I have
[sip-client]
accept = 11000
connect = ?:8000
How can I code in the client IP address (I know the port number where the client's SSL server is listening) when I don't know the client IP address beforehand? (The client is typically assigned an IP address by a DHCP server.) And I will have more than one client which would be acting as a server.
The SIP server will know the client's IP address when the client sends a request. (The SIP server can determine the IP address from the SIP message and not from the IP header.) So now the message from the SIP server will have the client's IP address, but STUNNEL does not have a config for that IP address (since it is dynamic and I need to support many clients), and hence STUNNEL will not create an SSL tunnel to the client.
Can I have a wildcard for the IP address? Something like
[sip-client]
accept = 11000
connect = *:8000
and have STUNNEL get the destination IP from the message?
I thank you all in advance,
Warm Regards
Knight