[stunnel-users] stunnel-users Digest, Vol 190, Issue 13

Brent Kimberley brent_kimberley at rogers.com
Mon May 25 00:36:54 CEST 2020


Try: 
* Verifying the openssl version(s) 
 * Verifying the  192.168.1.96:51400 port (nmap, netstat, etc.)
 * Verifying connection (openssl s_client -connect 192.168.1.96:51400) * Verifying the ciphersuite * Verifying the certificate
>>Is there a configuration item in stunnel to at least tell it to chill out a little and not try reconnecting 1000 times a second?  Not sure.  TIMEOUTclose?

   On Sunday, May 24, 2020, 6:00:07 a.m. EDT, stunnel-users-request at stunnel.org <stunnel-users-request at stunnel.org> wrote:  
 
 Send stunnel-users mailing list submissions to
    stunnel-users at stunnel.org

To subscribe or unsubscribe via the World Wide Web, visit
    https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
or, via email, send a message with subject or body 'help' to
    stunnel-users-request at stunnel.org

You can reach the person managing the list at
    stunnel-users-owner at stunnel.org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of stunnel-users digest..."


Today's Topics:

  1. /var/log/syslog is filling up with stunnel errors (digitek)
  2. Re: /var/log/syslog is filling up with stunnel errors
      (Thomas Ward)


----------------------------------------------------------------------

Message: 1
Date: Sat, 23 May 2020 18:17:49 -0500
From: digitek <digitek at charter.net>
To: stunnel-users at stunnel.org
Subject: [stunnel-users] /var/log/syslog is filling up with stunnel
    errors
Message-ID: <434e3153-d94c-bb71-fc51-1716db588290 at charter.net>
Content-Type: text/plain; charset=windows-1252; format=flowed

Hi,
I've been running stunnel for years to shuttle my syslogs off to a syslog server. It's performed flawlessly up until a few weeks ago. Recently, rebooting my syslog server results in the clients filling up /var/log/syslog 
with messages like below[1].

I'm not certain where the issue is. We've gone through some Ubuntu 16.04 > 18.04 upgrades on some hosts, as well as the syslog server. Is there a configuration item in stunnel to at least tell it to chill out a little and 
not try reconnecting 1000 times a second?  My config from a client is here[2]

Last time this happened (few weeks ago) I googled around and found the TIMEOUTconnect parameter to try and get stunnel to at least wait 10 seconds before attempting another connect, but guess it doesn't work that way.

Any thoughts? The stunnel client is on Ubuntu 18.04. I'd rather not compile out-of-band for the latest stunnel version unless I must. I"m assuming this is a config issue on my end.  The version I'm stuck with right now is 
stunnel 5.44 on x86_64-pc-linux-gnu platform

Thanks!

[1]
May 23 17:42:04 shuriken stunnel: LOG5[44922183]: Connection reset: 0 byte(s) sent to TLS, 0 byte(s) sent to socket
May 23 17:42:04 shuriken stunnel: LOG5[44922184]: Service [syslog_tunnel] accepted connection from 127.0.0.1:55440
May 23 17:42:04 shuriken stunnel: LOG3[44922184]: s_connect: connect 192.168.1.96:51400: Connection refused (111)
May 23 17:42:04 shuriken stunnel: LOG3[44922184]: No more addresses to connect
May 23 17:42:04 shuriken stunnel: LOG5[44922184]: Connection reset: 0 byte(s) sent to TLS, 0 byte(s) sent to socket
May 23 17:42:04 shuriken stunnel: LOG5[44922185]: Service [syslog_tunnel] accepted connection from 127.0.0.1:55444
May 23 17:42:04 shuriken stunnel: LOG3[44922185]: s_connect: connect 192.168.1.96:51400: Connection refused (111)
May 23 17:42:04 shuriken stunnel: LOG3[44922185]: No more addresses to connect


[2]
client  = yes
cert    = /etc/stunnel/shared/stunnel.pem
pid      = /var/run/stunnel4/syslog_stunnel.pid

[syslog_tunnel]
accept  = 127.0.0.1:5140
connect  = 192.168.1.96:51400
TIMEOUTconnect = 10


------------------------------

Message: 2
Date: Sat, 23 May 2020 20:09:48 -0400
From: Thomas Ward <teward at thomas-ward.net>
To: digitek <digitek at charter.net>, stunnel-users at stunnel.org
Subject: Re: [stunnel-users] /var/log/syslog is filling up with
    stunnel errors
Message-ID: <49V0wH16GWz2QGD at mail.syn-ack.link>
Content-Type: text/plain; charset="utf-8"

This is indicative of the remote server not running on the right ports normally or actively blocking you, given the "Connection Refused" errors.? Verify your system stunnel is on actually can connect to the specified IP and port combo independently of stunnel to start with.Sent from my Sprint Samsung Galaxy Note10+.
-------- Original message --------From: digitek <digitek at charter.net> Date: 5/23/20  19:18  (GMT-05:00) To: stunnel-users at stunnel.org Subject: [stunnel-users] /var/log/syslog is filling up with stunnel errors Hi,I've been running stunnel for years to shuttle my syslogs off to a syslog server. It's performed flawlessly up until a few weeks ago. Recently, rebooting my syslog server results in the clients filling up /var/log/syslog with messages like below[1].I'm not certain where the issue is. We've gone through some Ubuntu 16.04 > 18.04 upgrades on some hosts, as well as the syslog server. Is there a configuration item in stunnel to at least tell it to chill out a little and not try reconnecting 1000 times a second?? My config from a client is here[2]Last time this happened (few weeks ago) I googled around and found the TIMEOUTconnect parameter to try and get stunnel to at least wait 10 seconds before attempting another connect, but guess it doesn't work that way.Any thoughts? The stu
 nnel client is on Ubuntu 18.04. I'd rather not compile out-of-band for the latest stunnel version unless I must. I"m assuming this is a config issue on my end.? The version I'm stuck with right now is stunnel 5.44 on x86_64-pc-linux-gnu platformThanks![1]May 23 17:42:04 shuriken stunnel: LOG5[44922183]: Connection reset: 0 byte(s) sent to TLS, 0 byte(s) sent to socketMay 23 17:42:04 shuriken stunnel: LOG5[44922184]: Service [syslog_tunnel] accepted connection from 127.0.0.1:55440May 23 17:42:04 shuriken stunnel: LOG3[44922184]: s_connect: connect 192.168.1.96:51400: Connection refused (111)May 23 17:42:04 shuriken stunnel: LOG3[44922184]: No more addresses to connectMay 23 17:42:04 shuriken stunnel: LOG5[44922184]: Connection reset: 0 byte(s) sent to TLS, 0 byte(s) sent to socketMay 23 17:42:04 shuriken stunnel: LOG5[44922185]: Service [syslog_tunnel] accepted connection from 127.0.0.1:55444May 23 17:42:04 shuriken stunnel: LOG3[44922185]: s_connect: connect 192.168.1.96:51400: Conn
 ection refused (111)May 23 17:42:04 shuriken stunnel: LOG3[44922185]: No more addresses to connect[2]client?? = yescert???? = /etc/stunnel/shared/stunnel.pempid????? = /var/run/stunnel4/syslog_stunnel.pid[syslog_tunnel]accept?? = 127.0.0.1:5140connect? = 192.168.1.96:51400TIMEOUTconnect = 10_______________________________________________stunnel-users mailing liststunnel-users at stunnel.orghttps://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20200523/f6ef2500/attachment-0001.htm>

------------------------------

Subject: Digest Footer

_______________________________________________
stunnel-users mailing list
stunnel-users at stunnel.org
https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users


------------------------------

End of stunnel-users Digest, Vol 190, Issue 13
**********************************************
  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20200524/0c213496/attachment-0001.htm>


More information about the stunnel-users mailing list