[stunnel-users] Re: Can stunnel do this?
Matteo D'Amato
matteod at smartbox.ca
Tue Mar 7 14:48:32 CET 2006
Here is what I'm getting
Insude stunnel.conf file:
cert=/usr/local/etc/stunnel/stunnel.pem
cafile=/usr/local/etc/stunnel/stunnel.pem
output=/var/log/stunnel.log
client=yes
debug=7
[1440]
accept=10.10.10.2:1440
connect=192.168.19.50:1078
Launched using:
stunnel /etc/stunnel/stunnel.conf -p /usr/local/etc/stunnel/stunnel.pem
Log file:
2006.03.07 08:30:01 LOG5[13209:0]: Received signal 15; terminating
2006.03.07 08:30:01 LOG7[13209:0]: removing pid file
/usr/local/var/stunnel/stunnel.pid
2006.03.07 08:30:20 LOG5[13219:1]: stunnel 4.14 on i686-pc-linux-gnu
UCONTEXT+POLL+IPv4+LIBWRAP with OpenSSL 0.9.7a Feb 19 2003
2006.03.07 08:30:20 LOG7[13219:1]: Snagged 64 random bytes from
/root/.rnd
2006.03.07 08:30:20 LOG7[13219:1]: Wrote 1024 new random bytes to
/root/.rnd
2006.03.07 08:30:20 LOG7[13219:1]: RAND_status claims sufficient entropy
for the PRNG
2006.03.07 08:30:20 LOG6[13219:1]: PRNG seeded successfully
2006.03.07 08:30:20 LOG7[13219:1]: Certificate:
/usr/local/etc/stunnel/stunnel.pem
2006.03.07 08:30:20 LOG7[13219:1]: Key file:
/usr/local/etc/stunnel/stunnel.pem
2006.03.07 08:30:20 LOG6[13219:1]: file ulimit = 1024 (can be changed
with 'ulimit -n')
2006.03.07 08:30:20 LOG6[13219:1]: poll() used - no FD_SETSIZE limit for
file descriptors
2006.03.07 08:30:20 LOG5[13219:1]: 500 clients allowed
2006.03.07 08:30:20 LOG7[13219:1]: FD 4 in non-blocking mode
2006.03.07 08:30:20 LOG7[13219:1]: FD 5 in non-blocking mode
2006.03.07 08:30:20 LOG7[13219:1]: FD 6 in non-blocking mode
2006.03.07 08:30:20 LOG7[13219:1]: SO_REUSEADDR option set on accept
socket
2006.03.07 08:30:20 LOG7[13219:1]: 1440 bound to 10.10.10.2:1440
2006.03.07 08:30:20 LOG7[13220:1]: Created pid file
/usr/local/var/stunnel/stunnel.pid
2006.03.07 08:30:20 LOG7[13220:0]: Waiting -1 second(s) for 2 file
descriptor(s)
2006.03.07 08:31:46 LOG7[13220:0]: CONTEXT 1, FD=4, (IN)->()
2006.03.07 08:31:46 LOG7[13220:0]: CONTEXT 1, FD=6, (IN)->(IN)
2006.03.07 08:31:46 LOG7[13220:1]: 1440 accepted FD=7 from
10.10.10.100:1049
2006.03.07 08:31:46 LOG7[13220:1]: Creating a new context
2006.03.07 08:31:46 LOG7[13220:1]: Context 2 created
2006.03.07 08:31:46 LOG7[13220:2]: Context swap: 1 -> 2
2006.03.07 08:31:46 LOG7[13220:2]: 1440 started
2006.03.07 08:31:46 LOG7[13220:2]: FD 7 in non-blocking mode
2006.03.07 08:31:46 LOG7[13220:2]: FD 8 in non-blocking mode
2006.03.07 08:31:46 LOG7[13220:2]: FD 9 in non-blocking mode
2006.03.07 08:31:46 LOG7[13221:0]: Waiting 300 second(s) for 3 file
descriptor(s)
2006.03.07 08:31:46 LOG7[13221:0]: CONTEXT 1, FD=4, (IN)->()
2006.03.07 08:31:46 LOG7[13221:0]: CONTEXT 1, FD=6, (IN)->()
2006.03.07 08:31:46 LOG7[13221:0]: CONTEXT 2, FD=9, (OUT)->(OUT)
2006.03.07 08:31:46 LOG7[13220:0]: Waiting 300 second(s) for 3 file
descriptor(s)
2006.03.07 08:31:46 LOG7[13220:0]: Cleaning up the signal pipe
2006.03.07 08:31:46 LOG6[13220:0]: Child process 13221 finished with
code 0
2006.03.07 08:31:46 LOG7[13220:0]: CONTEXT 1, FD=4, (IN)->()
2006.03.07 08:31:46 LOG7[13220:0]: CONTEXT 1, FD=6, (IN)->()
2006.03.07 08:31:46 LOG7[13220:0]: CONTEXT 2, FD=8, (IN)->(INHUP)
2006.03.07 08:31:46 LOG7[13220:2]: Connection from 10.10.10.100:1049
permitted by libwrap
2006.03.07 08:31:46 LOG5[13220:2]: 1440 connected from 10.10.10.100:1049
2006.03.07 08:31:46 LOG7[13220:2]: FD 8 in non-blocking mode
2006.03.07 08:31:46 LOG7[13220:2]: 1440 connecting 192.168.19.50:1078
2006.03.07 08:31:46 LOG7[13220:2]: connect_wait: waiting 10 seconds
2006.03.07 08:31:46 LOG7[13220:0]: Waiting 10 second(s) for 3 file
descriptor(s)
2006.03.07 08:31:46 LOG7[13220:0]: CONTEXT 1, FD=4, (IN)->()
2006.03.07 08:31:46 LOG7[13220:0]: CONTEXT 1, FD=6, (IN)->()
2006.03.07 08:31:46 LOG7[13220:0]: CONTEXT 2, FD=8, (INOUT)->(OUT)
2006.03.07 08:31:46 LOG7[13220:2]: connect_wait: connected
2006.03.07 08:31:46 LOG7[13220:2]: Remote FD=8 initialized
2006.03.07 08:31:46 LOG7[13220:2]: SSL state (connect): before/connect
initialization
2006.03.07 08:31:46 LOG7[13220:2]: SSL state (connect): SSLv3 write
client hello A
2006.03.07 08:31:46 LOG7[13220:0]: Waiting 300 second(s) for 3 file
descriptor(s)
2006.03.07 08:31:47 LOG7[13220:0]: CONTEXT 1, FD=4, (IN)->()
2006.03.07 08:31:47 LOG7[13220:0]: CONTEXT 1, FD=6, (IN)->(IN)
2006.03.07 08:31:47 LOG7[13220:1]: CONTEXT 2, FD=8, (IN)->()
2006.03.07 08:31:47 LOG7[13220:1]: Context swap: 2 -> 1
2006.03.07 08:31:47 LOG7[13220:1]: Current context: 1
2006.03.07 08:31:47 LOG7[13220:1]: 1440 accepted FD=9 from
10.10.10.100:1050
2006.03.07 08:31:47 LOG7[13220:1]: Creating a new context
2006.03.07 08:31:47 LOG7[13220:1]: Context 3 created
2006.03.07 08:31:47 LOG7[13220:3]: Context swap: 1 -> 3
2006.03.07 08:31:47 LOG7[13220:3]: 1440 started
2006.03.07 08:31:47 LOG7[13220:3]: FD 9 in non-blocking mode
2006.03.07 08:31:47 LOG7[13220:3]: FD 10 in non-blocking mode
2006.03.07 08:31:47 LOG7[13220:3]: FD 11 in non-blocking mode
2006.03.07 08:31:47 LOG7[13222:0]: Waiting 299 second(s) for 4 file
descriptor(s)
2006.03.07 08:31:47 LOG7[13222:0]: CONTEXT 2, FD=8, (IN)->()
2006.03.07 08:31:47 LOG7[13222:0]: CONTEXT 1, FD=4, (IN)->()
2006.03.07 08:31:47 LOG7[13222:0]: CONTEXT 1, FD=6, (IN)->()
2006.03.07 08:31:47 LOG7[13222:0]: CONTEXT 3, FD=11, (OUT)->(OUT)
2006.03.07 08:31:47 LOG7[13220:0]: Waiting 299 second(s) for 4 file
descriptor(s)
2006.03.07 08:31:47 LOG7[13220:0]: Cleaning up the signal pipe
2006.03.07 08:31:47 LOG6[13220:0]: Child process 13222 finished with
code 0
2006.03.07 08:31:47 LOG7[13220:0]: CONTEXT 2, FD=8, (IN)->()
2006.03.07 08:31:47 LOG7[13220:0]: CONTEXT 1, FD=4, (IN)->()
2006.03.07 08:31:47 LOG7[13220:0]: CONTEXT 1, FD=6, (IN)->()
2006.03.07 08:31:47 LOG7[13220:0]: CONTEXT 3, FD=10, (IN)->(INHUP)
2006.03.07 08:31:47 LOG7[13220:3]: Connection from 10.10.10.100:1050
permitted by libwrap
2006.03.07 08:31:47 LOG5[13220:3]: 1440 connected from 10.10.10.100:1050
2006.03.07 08:31:47 LOG7[13220:3]: FD 10 in non-blocking mode
2006.03.07 08:31:47 LOG7[13220:3]: 1440 connecting 192.168.19.50:1078
2006.03.07 08:31:47 LOG7[13220:3]: connect_wait: waiting 10 seconds
2006.03.07 08:31:47 LOG7[13220:0]: Waiting 10 second(s) for 4 file
descriptor(s)
2006.03.07 08:31:47 LOG7[13220:0]: CONTEXT 2, FD=8, (IN)->()
2006.03.07 08:31:47 LOG7[13220:0]: CONTEXT 1, FD=4, (IN)->()
2006.03.07 08:31:47 LOG7[13220:0]: CONTEXT 1, FD=6, (IN)->()
2006.03.07 08:31:47 LOG7[13220:0]: CONTEXT 3, FD=10, (INOUT)->(OUT)
2006.03.07 08:31:47 LOG7[13220:3]: connect_wait: connected
2006.03.07 08:31:47 LOG7[13220:3]: Remote FD=10 initialized
2006.03.07 08:31:47 LOG7[13220:3]: SSL state (connect): before/connect
initialization
2006.03.07 08:31:47 LOG7[13220:3]: SSL state (connect): SSLv3 write
client hello A
2006.03.07 08:31:47 LOG7[13220:0]: Waiting 299 second(s) for 4 file
descriptor(s)
2006.03.07 08:31:47 LOG7[13220:0]: CONTEXT 2, FD=8, (IN)->(IN)
2006.03.07 08:31:47 LOG7[13220:2]: CONTEXT 1, FD=4, (IN)->()
2006.03.07 08:31:47 LOG7[13220:2]: CONTEXT 1, FD=6, (IN)->()
2006.03.07 08:31:47 LOG7[13220:2]: CONTEXT 3, FD=10, (IN)->()
2006.03.07 08:31:47 LOG7[13220:2]: Context swap: 3 -> 2
2006.03.07 08:31:47 LOG7[13220:2]: Current context: 2
2006.03.07 08:31:47 LOG7[13220:0]: Waiting 300 second(s) for 4 file
descriptor(s)
2006.03.07 08:31:47 LOG7[13220:0]: CONTEXT 1, FD=4, (IN)->()
2006.03.07 08:31:47 LOG7[13220:0]: CONTEXT 1, FD=6, (IN)->()
2006.03.07 08:31:47 LOG7[13220:0]: CONTEXT 3, FD=10, (IN)->(IN)
2006.03.07 08:31:47 LOG7[13220:3]: CONTEXT 2, FD=8, (IN)->()
2006.03.07 08:31:47 LOG7[13220:3]: Context swap: 2 -> 3
2006.03.07 08:31:47 LOG7[13220:3]: Current context: 3
2006.03.07 08:31:47 LOG7[13220:0]: Waiting 300 second(s) for 4 file
descriptor(s)
2006.03.07 08:32:02 LOG7[13220:0]: CONTEXT 1, FD=4, (IN)->()
2006.03.07 08:32:02 LOG7[13220:0]: CONTEXT 1, FD=6, (IN)->()
2006.03.07 08:32:02 LOG7[13220:0]: CONTEXT 2, FD=8, (IN)->(IN)
2006.03.07 08:32:02 LOG7[13220:2]: CONTEXT 3, FD=10, (IN)->()
2006.03.07 08:32:02 LOG7[13220:2]: Context swap: 3 -> 2
2006.03.07 08:32:02 LOG7[13220:2]: Current context: 2
2006.03.07 08:32:02 LOG7[13220:0]: Waiting 285 second(s) for 4 file
descriptor(s)
2006.03.07 08:32:02 LOG7[13220:0]: CONTEXT 1, FD=4, (IN)->()
2006.03.07 08:32:02 LOG7[13220:0]: CONTEXT 1, FD=6, (IN)->()
2006.03.07 08:32:02 LOG7[13220:0]: CONTEXT 3, FD=10, (IN)->(IN)
2006.03.07 08:32:02 LOG7[13220:3]: CONTEXT 2, FD=8, (IN)->()
2006.03.07 08:32:02 LOG7[13220:3]: Context swap: 2 -> 3
2006.03.07 08:32:02 LOG7[13220:3]: Current context: 3
2006.03.07 08:32:02 LOG7[13220:0]: Waiting 300 second(s) for 4 file
descriptor(s)
2006.03.07 08:32:17 LOG7[13220:0]: CONTEXT 1, FD=4, (IN)->()
2006.03.07 08:32:17 LOG7[13220:0]: CONTEXT 1, FD=6, (IN)->()
2006.03.07 08:32:17 LOG7[13220:0]: CONTEXT 2, FD=8, (IN)->(IN)
2006.03.07 08:32:17 LOG7[13220:2]: CONTEXT 3, FD=10, (IN)->()
2006.03.07 08:32:17 LOG7[13220:2]: Context swap: 3 -> 2
2006.03.07 08:32:17 LOG7[13220:2]: Current context: 2
2006.03.07 08:32:17 LOG7[13220:2]: SSL alert (write): fatal: handshake
failure
2006.03.07 08:32:17 LOG3[13220:2]: SSL_connect: 1408F10B:
error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
2006.03.07 08:32:17 LOG7[13220:2]: 1440 finished (1 left)
2006.03.07 08:32:17 LOG5[13220:2]: stack_info: size=65536, current=4208
(6%), maximum=4208 (6%)
2006.03.07 08:32:17 LOG7[13220:2]: Context 2 closed
2006.03.07 08:32:17 LOG7[13220:0]: Waiting 285 second(s) for 3 file
descriptor(s)
2006.03.07 08:32:17 LOG7[13220:0]: CONTEXT 1, FD=4, (IN)->()
2006.03.07 08:32:17 LOG7[13220:0]: CONTEXT 1, FD=6, (IN)->()
2006.03.07 08:32:17 LOG7[13220:0]: CONTEXT 3, FD=10, (IN)->(IN)
2006.03.07 08:32:17 LOG7[13220:3]: Context set: 2 (dropped) -> 3
2006.03.07 08:32:17 LOG7[13220:3]: Current context: 3
2006.03.07 08:32:17 LOG7[13220:3]: Releasing context 2
2006.03.07 08:32:17 LOG7[13220:3]: SSL alert (write): fatal: handshake
failure
2006.03.07 08:32:17 LOG3[13220:3]: SSL_connect: 1408F10B:
error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
2006.03.07 08:32:17 LOG7[13220:3]: 1440 finished (0 left)
2006.03.07 08:32:17 LOG5[13220:3]: stack_info: size=65536, current=4208
(6%), maximum=4208 (6%)
2006.03.07 08:32:17 LOG7[13220:3]: Context 3 closed
2006.03.07 08:32:17 LOG7[13220:0]: Waiting -1 second(s) for 2 file
descriptor(s)
--Matteo D'Amato
More information about the stunnel-users
mailing list