[stunnel-users] How to get stunnel to listen on an IPv6 interface?

jshardlo stunnel at shardlow.org.uk
Sun Mar 11 08:38:03 CET 2012 

My apologies, the site www.stunnel.org. has not been responding so was unable
to search on there. I realised it was not responding because the AAAA DNS
record is used in preference to the A DNS record and the AAAA record address
is not responding:-

john$ nslookup
> set type=AAAA
> www.stunnel.org
Server:		127.0.0.1
Address:	127.0.0.1#53

Non-authoritative answer:
www.stunnel.org	canonical name = linode.mirt.net.
linode.mirt.net	has AAAA address 2600:3c03::f03c:91ff:fe96:80c4

Authoritative answers can be found from:
> exit

john$ ping6 2600:3c03::f03c:91ff:fe96:80c4
PING6(56=40+8+8 bytes) 2001:470:35:584::2 --> 2600:3c03::f03c:91ff:fe96:80c4
Request timeout for icmp_seq=0
Request timeout for icmp_seq=1
Request timeout for icmp_seq=2
^C
--- 2600:3c03::f03c:91ff:fe96:80c4 ping6 statistics ---
4 packets transmitted, 0 packets received, 100.0% packet loss

Having now got access to the site I found how to configure for IPv6 as
such:-

[v6pop3s]
accept = :::995
connect = ::1:110




jshardlo wrote:
> 
> Hi - my server was recently connected to IPv6 as well as the original IPv4
> network.
> 
> I have been using stunnel for some time on the IPv4 network but now that I
> have IPv6 access I can't work out how to get stunnel to listen on that
> interface as well.
> 
> I checked that my stunnel has IPv6 support:-
> 
> /usr/sbin/stunnel -version
> stunnel 4.15 on i686-redhat-linux-gnu with OpenSSL 0.9.8e-fips-rhel5 01
> Jul 2008
> Threading:PTHREAD SSL:ENGINE Sockets:POLL,IPv6 Auth:LIBWRAP
>  
> Global options
> debug           = 5
> pid             = /var/run/stunnel.pid
> RNDbytes        = 64
> RNDfile         = /dev/urandom
> RNDoverwrite    = yes
>  
> Service-level options
> cert            = /etc/stunnel/stunnel.pem
> ciphers         = AES:ALL:!aNULL:!eNULL:+RC4:@STRENGTH
> key             = /etc/stunnel/stunnel.pem
> session         = 300 seconds
> TIMEOUTbusy     = 300 seconds
> TIMEOUTclose    = 60 seconds
> TIMEOUTconnect  = 10 seconds
> TIMEOUTidle     = 43200 seconds
> verify          = none
> 
> I have a configuration like this:
> 
> [pop3s]
> accept  = 995
> connect = 110
> 
> But when I do netstat I can see that it is only listening for port 995 on
> IPv4...
> 
> netstat -an | grep 995
> tcp        0      0 0.0.0.0:995                 0.0.0.0:*                  
> LISTEN      
> 
> netstat -an -A inet6 | grep 995
> 
> And of course when I connect to port 995 over the IPv6 network I get
> "connection refused".
> 
> Any ideas how to get stunnel to listen on the v6 address?
> 
> Thanks !
> 
> 

-- 
View this message in context: http://old.nabble.com/How-to-get-stunnel-to-listen-on-an-IPv6-interface--tp33471979p33479922.html
Sent from the Stunnel - Users mailing list archive at Nabble.com.

More information about the stunnel-users mailing list