[stunnel-users] Multiple listeners with just one instance of Stunnel?
Nardmann, Heiko
heiko.nardmann at secunet.com
Mon Feb 14 19:28:24 CET 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
How about this one (this works) - have you ever seen a Windows INI file?
[pop3s]
accept = 995
connect = 110
[imaps]
accept = 993
connect = 143
[ssmtp]
accept = 465
connect = 25
[s1]
accept = 5000
connect = server1:110
[s2]
accept = 5001
connect = server2:25
[s10000]
accept = 10000
connect = 80
[10.1.1.100]
accept = 10100
connect = 80
[client-10.1.1.101]
accept = 10101
connect = 80
[Arbeitsstation-APC102]
accept = 10102
connect = 80
On Montag 14 Februar 2005 18:16, Michael Zarlenga wrote:
> re: Multiple listeners for 1 instance of Stunnel
>
> Ok, so in the Stunnel config file, would the proper way be:
>
> ...
> service = [service_1]
> [service_1]
> specific service_1 options
> service = [service_2]
> [service_2]
> specify service_2 options
> ...
>
> or would the proper way be:
>
> ...
> service = [service_1]
> service = [service_2]
> [service_1]
> specifiy service_1 options
> [service_2]
> specify service_2 options
> ...
>
> Or doesn't it mater?
>
> Also, do all the global stunnel options (eg: verify, CAFile, cert amd
> key) apply to all services?
>
> Lastly, can I have two services forwarding to the same connect port?
>
>
> On Mon, 14 Feb 2005 10:12:15 +0100 (CET), Jan Meijer
>
> <jan.meijer at surfnet.nl> wrote:
> > On Fri, 11 Feb 2005, Michael Zarlenga wrote:
> > > It doesn't seem possible to start 1 instance of Stunnel for multiple
> > > accept ports.
> > >
> > > Judging by the format of the Stunnel configuration file, it seems that
> > > I need to 1 instance of Stunnel for each port that accepts connections
> > > from the outside world.
> > >
> > > Is this true?
> >
> > No. Per listening port you define a service entry in the stunnel 4.x
> > configuration file.
> >
> > http://www.stunnel.org/faq/stunnel.html#servicelevel_options
> >
> > You'll have one configfile, one stunnel-daemon instance and multiple
> > listening ports.
> >
> > Jan
> >
> > --
> > http://www.surfnet.nl/organisatie/jame
>
> _______________________________________________
> stunnel-users mailing list
> stunnel-users at mirt.net
> http://stunnel.mirt.net/mailman/listinfo/stunnel-users
- --
Heiko Nardmann (Dipl.-Ing. Technische Informatik)
secunet Security Networks AG - Sicherheit in Netzwerken (www.secunet.de),
Weidenauer Str. 223-225, D-57076 Siegen
Tel. : +49 271 48950-13, Fax : +49 271 48950-50
Besuchen Sie uns vom 10. - 16. März auf der CeBIT 2005 in Halle 7, Stand D38.
Informationen zu unseren CeBIT-Themen finden Sie unter www.secunet.com
<outbind://44/www.secunet.com> - wir freuen uns auf das Gespräch mit Ihnen.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
iD8DBQFCEO3Jpm53PRScYygRAuS/AJ0ZkfSMSETvgxlP03VgJWzPlKMDGACgixAV
hB+Z8MzC3/knDQRXc7zrKFs=
=AlTK
-----END PGP SIGNATURE-----
More information about the stunnel-users
mailing list