[stunnel-users] Windows config with both SSL listen and non-SSL

This is a multi-part message in MIME format.

--===============0444679024==
Content-class: urn:content-classes:message
Content-Type: multipart/alternative;
boundary="----_=_NextPart_001_01C5FB35.2B8B193E"

This is a multi-part message in MIME format.

------_=_NextPart_001_01C5FB35.2B8B193E
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

I'm trying to set up using the Windows service the ability to listen in
SSL mode on one port (5102) and forward to non-SSL port (5010) and then
also listen on one port (5101) in non-SSL mode and forward to a remote
port (5102) in SSL mode. What I have currently in the config is:
=20
[inbound]
accept =3D 5102
connect =3D 5010
=20
[outbound]
accept =3D 5101
connect =3D x.x.x.x:5102
=20
The first STunnel example on the website talks about doing this, sort
of, but I don't see any options to specify on a service configuration
level whether the listen port is in SSL or non-SSL mode. The use of a
service name like [pop3] vs [pop3s] seems to imply a difference, but
I've got a custom application I'm trying to tunnel two way, not a
standard IETF service.
=20
A perusal of the last year's mailing list archives didn't yield
anything. I guess the next step is to look at the source and see if it's
supported unless someone here can tell me one way or the other. If it's
not supported, I guess I'll add it in.
=20
thanks,
=20
Paul
=20
=20
Paul Hethmon
Senior Engineer
Clareity(tm) Security
SAFEMLS(tm) Security Education, Consulting and Solutions
http://www.SAFEMLS.com <http://www.safemls.com/>=20
paul.hethmon@callclareity.com
work: 865.671.6630
cell: 865.250.3517
=20
=20

------_=_NextPart_001_01C5FB35.2B8B193E
Content-Type: text/html;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Dus-ascii">
<META content=3D"MSHTML 6.00.2900.2769" name=3DGENERATOR></HEAD>
<BODY>
<DIV dir=3Dltr align=3Dleft><SPAN class=3D767170517-06122005><FONT =
face=3DArial=20
size=3D2>I'm trying to set up using the Windows service the ability to =
listen in=20
SSL mode on one port (5102) and forward to non-SSL port (5010) and then =
also=20
listen on one port (5101) in non-SSL mode and forward to a remote port =
(5102) in=20
SSL mode. What I have currently in the config is:</FONT></SPAN></DIV>
<DIV>
<DIV><SPAN class=3D767170517-06122005><FONT face=3DArial=20
size=3D2></FONT></SPAN>&nbsp;</DIV>
<DIV><SPAN class=3D767170517-06122005><FONT face=3DArial=20
size=3D2>[inbound]</FONT></SPAN></DIV>
<DIV><SPAN class=3D767170517-06122005><FONT face=3DArial size=3D2>accept =
=3D=20
5102</FONT></SPAN></DIV>
<DIV><SPAN class=3D767170517-06122005><FONT face=3DArial =
size=3D2>connect =3D=20
5010</FONT></SPAN></DIV>
<DIV><SPAN class=3D767170517-06122005><FONT face=3DArial=20
size=3D2></FONT></SPAN>&nbsp;</DIV>
<DIV><SPAN class=3D767170517-06122005><FONT face=3DArial=20
size=3D2>[outbound]</FONT></SPAN></DIV>
<DIV><SPAN class=3D767170517-06122005><FONT face=3DArial size=3D2>accept =
=3D=20
5101</FONT></SPAN></DIV>
<DIV><SPAN class=3D767170517-06122005><FONT face=3DArial =
size=3D2>connect =3D=20
x.x.x.x:5102</FONT></SPAN></DIV>
<DIV><SPAN class=3D767170517-06122005><FONT face=3DArial=20
size=3D2></FONT></SPAN>&nbsp;</DIV>
<DIV><SPAN class=3D767170517-06122005><FONT face=3DArial size=3D2>The =
first STunnel=20
example on the website talks about doing this, sort of, but I don't see =
any=20
options to specify on a service configuration level whether the listen =
port is=20
in SSL or non-SSL mode. The use of a service name like [pop3] vs [pop3s] =
seems=20
to imply a difference, but I've got a custom application I'm trying to =
tunnel=20
two way, not a standard IETF service.</FONT></SPAN></DIV>
<DIV><SPAN class=3D767170517-06122005><FONT face=3DArial=20
size=3D2></FONT></SPAN>&nbsp;</DIV>
<DIV><SPAN class=3D767170517-06122005><FONT face=3DArial size=3D2>A =
perusal of the=20
last year's mailing list archives didn't yield anything. I guess the =
next step=20
is to look at the source and see if it's supported unless someone here =
can tell=20
me one way or the other. If it's not supported, I guess I'll add it=20
in.</FONT></SPAN></DIV>
<DIV><SPAN class=3D767170517-06122005><FONT face=3DArial=20
size=3D2></FONT></SPAN>&nbsp;</DIV>
<DIV><SPAN class=3D767170517-06122005><FONT face=3DArial=20
size=3D2>thanks,</FONT></SPAN></DIV>
<DIV><SPAN class=3D767170517-06122005><FONT face=3DArial=20
size=3D2></FONT></SPAN>&nbsp;</DIV>
<DIV><SPAN class=3D767170517-06122005><FONT face=3DArial=20
size=3D2>Paul</FONT></SPAN></DIV>
<DIV><SPAN class=3D767170517-06122005><FONT face=3DArial=20
size=3D2></FONT></SPAN>&nbsp;</DIV></DIV>
<DIV>&nbsp;</DIV>
<DIV align=3Dleft><STRONG><FONT face=3DArial size=3D2>Paul=20
Hethmon</FONT></STRONG></DIV>
<DIV align=3Dleft><STRONG><FONT face=3DArial size=3D2>Senior=20
Engineer</FONT></STRONG></DIV>
<DIV align=3Dleft><FONT face=3DArial size=3D2>Clareity™ =
Security</FONT></DIV>
<DIV align=3Dleft><FONT face=3DArial size=3D2>SAFEMLS™ Security =
Education, Consulting=20
and Solutions</FONT></DIV>
<DIV align=3Dleft><FONT face=3DArial size=3D2><A=20
href=3D"http://www.safemls.com/">http://www.SAFEMLS.com</A></FONT></DIV>
<DIV align=3Dleft><FONT face=3DArial size=3D2><A=20
href=3D"mailto:paul.hethmon@callclareity.com">paul .hethmon@callclareity.c=
om</A></FONT></DIV>
<DIV align=3Dleft><FONT face=3DArial size=3D2>work: =
865.671.6630</FONT></DIV>
<DIV align=3Dleft><FONT face=3DArial size=3D2>cell: =
865.250.3517</FONT></DIV>
<DIV align=3Dleft>&nbsp;</DIV>
<DIV>&nbsp;</DIV></BODY></HTML>

------_=_NextPart_001_01C5FB35.2B8B193E--

--===============0444679024==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
stunnel-users mailing list
stunnel-users@mirt.net
http://stunnel.mirt.net/mailman/listinfo/stunnel-users

--===============0444679024==--