[stunnel-users] stunnel silently dies
Uffe Vedenbrant
sqm at mynta.org
Sun Oct 16 06:54:47 CEST 2005
Finally found why/where stunnel silently dies for me..;-)
In FreeBSD there is a default "catch-all" entry in hosts.allow that
stunnel does not like if there is any missing service entries the first
time stunnel is started...
I.e. one needs to have all stunnel.conf service entries configured
in hosts.allow, in my case
SMTPPORT25 : ALL : allow
IMAPPORT143 : ALL : allow
needed to be there...
The "catch-all" looks as below..
--------------
# The rest of the daemons are protected.
ALL : ALL \
: severity auth.info \
: twist /bin/echo "You are not welcome to use %d from %h."
-------------
This causes stunnel to silently die with exit code 0..
If this is removed/changed to
-----------------
ALL : ALL : deny
-----------------
everything works as expected..
I.e. libwrap will complain about unauthorized access and keep on
running, not just die without any logging at all..
I really cannot say however if this is a stunnel or libwrap
bug/feature.. I.e. is stunnel to sensitive of what it gets back from
libwrap or is libwrap sending more data than needed back to stunnel..
/Uffe
Jan Meijer wrote:
> On Fri, 14 Oct 2005, Uffe Vedenbrant wrote:
>
>
>>Is there any possibility to have stunnel to say something about
>>tcpwrapper problems..;-)
>
>
> I don't really understand it as I made this config error a couple of times
> myself but it was nicely logged. Then again, this last happened to me
> with 3.x code so...
>
> Jan
More information about the stunnel-users
mailing list