Hello,
I've installed stunnel-4.56-6.el7.x86_64 on my Centos 7. I can't establish a connection. Seems to be something wrong with the name resolution, because if I use the IP derect, the tunnel works.
Feb 12 11:58:00 server stunnel[52445]: LOG7[52445:139984526436416]: Service [cs] accepted (FD=3) from 127.0.0.1:10866 Feb 12 11:58:00 server stunnel[52445]: LOG7[52445:139984526432000]: Service [cs] started Feb 12 11:58:00 server stunnel[52445]: LOG7[52445:139984526432000]: Waiting for a libwrap process Feb 12 11:58:00 server stunnel[52445]: LOG7[52445:139984526432000]: Acquired libwrap process #0 Feb 12 11:58:00 server stunnel[52445]: LOG7[52445:139984526432000]: Releasing libwrap process #0 Feb 12 11:58:00 server stunnel[52445]: LOG7[52445:139984526432000]: Released libwrap process #0 Feb 12 11:58:00 server stunnel[52445]: LOG7[52445:139984526432000]: Service [cs] permitted by libwrap from 127.0.0.1:10866 Feb 12 11:58:00 server stunnel[52445]: LOG5[52445:139984526432000]: Service [cs] accepted connection from 127.0.0.1:10866 Feb 12 11:58:00 server stunnel[52445]: LOG3[52445:139984526432000]: Error resolving 'foobar.remote.site': System error returned in errno (EAI_SYSTEM) Feb 12 11:58:00 server stunnel[52445]: LOG3[52445:139984526432000]: No host resolved Feb 12 11:58:00 server stunnel[52445]: LOG5[52445:139984526432000]: Connection reset: 0 byte(s) sent to SSL, 0 byte(s) sent to socket Feb 12 11:58:00 server stunnel[52445]: LOG7[52445:139984526432000]: Local socket (FD=3) closed Feb 12 11:58:00 server stunnel[52445]: LOG7[52445:139984526432000]: Service [cs] finished (0 left)
stunnel.conf: socket = r:TCP_NODELAY=1 socket = l:TCP_NODELAY=1 options = CIPHER_SERVER_PREFERENCE TIMEOUTclose = 0 sslVersion = TLSv1 options = NO_SSLv2 options = NO_SSLv3 client = yes options = DONT_INSERT_EMPTY_FRAGMENTS cert = /etc/stunnel/stunnel.pem key = /etc/stunnel/stunnel.pem debug = 7 chroot = /var/run/stunnel setuid = stunnel setgid = stunnel pid = /stunnel.pid fips = no [srvice] accept = 63123 connect = foobar.remote.site:63123 delay = yes
Any suggestions are very welcome!
Thanks in advance Tom
On Tue, Feb 12, 2019 at 12:04:54PM +0100, tom wrote:
Hello,
I've installed stunnel-4.56-6.el7.x86_64 on my Centos 7. I can't establish a connection. Seems to be something wrong with the name resolution, because if I use the IP derect, the tunnel works.
Feb 12 11:58:00 server stunnel[52445]: LOG7[52445:139984526436416]: Service [cs] accepted (FD=3) from 127.0.0.1:10866
[snip]
Error resolving 'foobar.remote.site': System error returned in errno (EAI_SYSTEM) Feb 12 11:58:00 server stunnel[52445]: LOG3[52445:139984526432000]: No host resolved
[snip]
stunnel.conf:
[snip]
chroot = /var/run/stunnel setuid = stunnel setgid = stunnel
Do you have a /var/run/stunnel/etc/resolv.conf file? (and yes, this means that if you intend for the chroot to be (re)created every time the system boots, you'll also need to put the /etc/resolv.conf file there every time)
Hope that helps!
G'luck, Peter
On Tue, 2019-02-12 12:04:54 +0100, tom wrote:
[..]
Feb 12 11:58:00 server stunnel[52445]: LOG3[52445:139984526432000]: Error resolving 'foobar.remote.site': System error returned in errno (EAI_SYSTEM)
Are you sure 'foobar.remote.site' should resolve? Does "ping foobar.remote.site" work?
Ludolf
-
Ludolf Holzheid -
Peter Pentchev -
tom