[stunnel-users] keepalive and stunnel
Ludolf Holzheid
lholzheid at bihl-wiedemann.de
Tue Jul 23 19:56:50 CEST 2013
On Tue, 2013-07-23 13:30:08 -0400, David H. Durgee wrote:
> I am attempting to use stunnel to provide secure telnet access to a
> server on my system. As it is possible that a user may be idle for long
> period I have attempted to enable keepalive with stunnel. My stunnel
> conf files contain:
>
> socket = l:SO_KEEPALIVE=1
> socket = r:SO_KEEPALIVE=1
>
> on both the server and client side. But wireshark shows no keepalive
> packets being exchanged. I am using socat to provide a service on the
> LAN and connections using socat do show keepalive packets. But to get
> this working with socat I had to use the following:
>
> socat -d -d -L/var/lock/Port$PORT -
> TCP:127.0.0.1:$PORT,keepalive,keepcnt=10,keepidle=3,keepintvl=1
>
> I had originally tried it with only the keepalive option, but it took
> adding the other three options for it to work. Perhaps this is
> particular to my linux mint 13 maya x64 system and keepalive works by
> itself on windows? Are the other three options supported in stunnel?
`stunnel -sockets´ should show the available socket options and their
default values.
For the box I'm writing this mail from, the default for TCP_KEEPIDLE
is 7200 and for TCP_KEEPINTVL 75 (both in seconds). You'll have to be
quite patient if you want to watch keepalive packets in wireshark
without tweaking the defaults ...
HTH,
Ludolf
--
Bihl+Wiedemann GmbH
Floßwörthstraße 41
68199 Mannheim, Germany
Tel: +49 621 33996-0
Fax: +49 621 3392239
mailto:lholzheid at bihl-wiedemann.de
http://www.bihl-wiedemann.de
Sitz der Gesellschaft: Mannheim
Geschäftsführer: Jochen Bihl, Bernhard Wiedemann
Amtsgericht Mannheim, HRB 5796
More information about the stunnel-users
mailing list