[stunnel-users] stunnel help

Anthony Cicalla Anthony.Cicalla at BankServ.com
Tue Feb 7 20:09:20 CET 2006


I sent an email last week for help with a stunnel setup.  I am attempting to
send syslog messages via a snare agent through stunnel to a fedora core 4
box with syslog-ng installed.  I have been able to get one machine to
successfully log to the fedora box out of 4.  I set these boxes up the same
way and I am confused as to why one is working and the others aren't .  

This is my stunnel.conf file for the clients
cert = C:\bin\stunnel\syslog-ng-server.pem
CAfile = c:\bin\stunnel\syslog-ng-client.pem
verify = 3
[5140]	
	accept = 127.0.0.1:514
	connect = 192.168.185.60:5140

This is my stunnel.conf file for the server
cert = /etc/stunnel/syslog-ng-server.pem
CAfile = /etc/stunnel/syslog-ng-client.pem
verify = 3
[5140]
        accept = 192.168.185.60:5140
        connect = 127.0.0.1:514
This is my syslog-ng.conf file on the server

options {
    sync (0);
    time_reopen (10);
    log_fifo_size (1000);
    long_hostnames (off);
    use_dns (no);
    use_fqdn (no);
    create_dirs (no);
    keep_hostname (yes);
};

source s_sys {
    file ("/proc/kmsg" log_prefix("kernel: "));
    unix-stream ("/dev/log");
    internal();
    udp(ip(0.0.0.0) port(514));
    tcp(ip(0.0.0.0) port(514));
};

destination d_cons { file("/dev/console"); };
destination d_mesg { file("/var/log/messages"); };
destination d_auth { file("/var/log/secure"); };


The snare agents are configured to send logs to 127.0.0.1 514.  

Any thoughts or idea's would be great.

sincerely,
Anthony



-----Original Message-----
From: Michal Trojnara [mailto:Michal.Trojnara at mobi-com.net]
Sent: Tuesday, February 07, 2006 1:03 AM
To: stunnel-users at mirt.net
Subject: RE: [stunnel-users] stunnel closing connections with RST ?


sergei wrote:
> Is there any way to make stunnel without "client = yes"
> close connection "normal way" with FIN instead of RST ? 

Stunnel resets connections for a reason.
Probably it was reset by the other peer.
Check your stunnel log files for details.

Best regards,
    Mike

_______________________________________________
stunnel-users mailing list
stunnel-users at mirt.net
http://stunnel.mirt.net/mailman/listinfo/stunnel-users



More information about the stunnel-users mailing list