[stunnel-users] stunnel transparent mode
Julian D. Seifert
spam at julian-seifert.de
Thu Aug 18 13:05:00 CEST 2011
On 18.08.2011 12:58, Julian D. Seifert wrote:
> On 18.08.2011 10:19, Michal Trojnara wrote:
>> On Thu, 18 Aug 2011 02:59:30 +0200, Julian D. Seifert wrote:
>>> If I try it like I get "local_bind (original port): Cannot assign
>>> requested address (99) stunnel" and clients get connection abort.
>>
>> I guess either you're not running one of the supported kernels, or
>> you're not running stunnel as root.
> I checked (with ps) that stunnel is running as root (I commented out the
> setuid setgid options in the config file)
> I had two setups, one with standard Ubuntu Lucid LTS kernel and one with
> 2.6.32. (I can also provide the kernel configurations or the settings of
> the options that are necessary)
Linux ubuntu 2.6.32-21-generic #32-Ubuntu SMP Fri Apr 16 08:10:02 UTC
2010 i686 GNU/Linux
lsmod | grep -ie tprox
xt_TPROXY 1165 0
nf_defrag_ipv4 1073 2 xt_TPROXY,xt_socket
nf_tproxy_core 1608 2 xt_TPROXY,xt_socket,[permanent]
x_tables 14299 4 xt_TPROXY,xt_MARK,xt_socket,ip_tables
ps:
root 2024 0.0 0.0 3876 492 pts/0 S 04:01 0:00
./stunnel stunnel.conf
root 2025 0.0 0.0 3876 492 pts/0 S 04:01 0:00
./stunnel stunnel.conf
stunnel version:
No limit detected for the number of clients
signal_pipe: FD=3 allocated (non-blocking mode)
signal_pipe: FD=4 allocated (non-blocking mode)
stunnel 4.39 on i686-pc-linux-gnu platform
Compiled/running with OpenSSL 0.9.8k 25 Mar 2009
Threading:PTHREAD SSL:ENGINE Auth:LIBWRAP Sockets:POLL,IPv6
stunnel 4.39 on i686-pc-linux-gnu platform
Compiled/running with OpenSSL 0.9.8k 25 Mar 2009
Threading:PTHREAD SSL:ENGINE Auth:LIBWRAP Sockets:POLL,IPv6
Global option defaults
debug = daemon.notice
pid = /usr/local/var/run/stunnel/stunnel.pid
RNDbytes = 64
RNDfile = /dev/urandom
RNDoverwrite = yes
Service-level option defaults
cert = /usr/local/etc/stunnel/stunnel.pem
ciphers = RC4-MD5:HIGH:!aNULL:!SSLv2
curve = sect163r2
session = 300 seconds
sslVersion = TLSv1 for client, all for server
stack = 65536 bytes
TIMEOUTbusy = 300 seconds
TIMEOUTclose = 60 seconds
TIMEOUTconnect = 10 seconds
TIMEOUTidle = 43200 seconds
verify = none