[stunnel-users] Can not establish stunnel

Posted 12-13-2005 by McDouglas
Hi,

I have difficulties setting up a tunnel between two Linux boxes I
administrate. Right now it's only in the test phase; I would like to make
a stunnel connection to the SMTP server at 195.56.52.140. My final goal is
to set up syslog through stunnel, that's why the port name/numbers.


Config file for the server:

cert = /usr/local/etc/stunnel/stunnel.pem
pid = /usr/local/etc/stunnel/stunnel.pid
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
debug = 7
output = /usr/local/etc/stunnel/stunnel.log
[ssyslog]

accept = 195.56.52.140:2514
connect = 10.10.2.1:25

Config file for the client:

cert = /usr/local/etc/stunnel/stunnel.pem
pid = /usr/local/etc/stunnel/stunnel.pid
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
debug = 7
output = /usr/local/etc/stunnel/stunnel.log
client = yes
[ssyslog]
accept = 2514
connect = 195.56.52.140:2514

I get the following messages in the logs after executing a "telnet
127.0.0.1 2514" command at the client machine (of course, SMTP works on
the other side, and I set iptables to allow incoming connections on
2514 dport)

Server:

2005.12.13 09:09:22 LOG5[11505:1]: stunnel 4.14 on i686-pc-linux-gnu
UCONTEXT+POLL+IPv4 with OpenSSL 0.9.7e 25 Oct 2004
2005.12.13 09:09:22 LOG7[11505:1]: Snagged 64 random bytes from /root/.rnd
2005.12.13 09:09:22 LOG7[11505:1]: Wrote 1024 new random bytes to
/root/.rnd
2005.12.13 09:09:22 LOG7[11505:1]: RAND_status claims sufficient entropy
for the PRNG
2005.12.13 09:09:22 LOG6[11505:1]: PRNG seeded successfully
2005.12.13 09:09:22 LOG7[11505:1]: Certificate:
/usr/local/etc/stunnel/stunnel.pem
2005.12.13 09:09:22 LOG7[11505:1]: Key file:
/usr/local/etc/stunnel/stunnel.pem
2005.12.13 09:09:22 LOG6[11505:1]: file ulimit = 1024 (can be changed
with 'ulimit -n')
2005.12.13 09:09:22 LOG6[11505:1]: poll() used - no FD_SETSIZE limit for
file descriptors
2005.12.13 09:09:22 LOG5[11505:1]: 500 clients allowed
2005.12.13 09:09:22 LOG7[11505:1]: FD 6 in non-blocking mode
2005.12.13 09:09:22 LOG7[11505:1]: FD 8 in non-blocking mode
2005.12.13 09:09:22 LOG7[11505:1]: FD 9 in non-blocking mode
2005.12.13 09:09:22 LOG7[11505:1]: SO_REUSEADDR option set on accept socket
2005.12.13 09:09:22 LOG7[11505:1]: ssyslog bound to 195.56.52.140:2514
2005.12.13 09:09:22 LOG7[11506:1]: Created pid file
/usr/local/etc/stunnel/stunnel.pid
2005.12.13 09:09:22 LOG7[11506:0]: Waiting -1 second(s) for 2 file
descriptor(s)
2005.12.13 09:11:23 LOG7[11506:0]: CONTEXT 1, FD=6, (IN)->()
2005.12.13 09:11:23 LOG7[11506:0]: CONTEXT 1, FD=9, (IN)->(IN)
2005.12.13 09:11:23 LOG7[11506:1]: ssyslog accepted FD=10 from
81.183.222.1:35225
2005.12.13 09:11:23 LOG7[11506:1]: Creating a new context
2005.12.13 09:11:23 LOG7[11506:1]: Context 2 created
2005.12.13 09:11:23 LOG7[11506:2]: Context swap: 1 -> 2
2005.12.13 09:11:23 LOG7[11506:2]: ssyslog started
2005.12.13 09:11:23 LOG7[11506:2]: FD 10 in non-blocking mode
2005.12.13 09:11:23 LOG7[11506:2]: TCP_NODELAY option set on local socket
2005.12.13 09:11:23 LOG5[11506:2]: ssyslog connected from
81.183.222.1:35225
2005.12.13 09:11:23 LOG7[11506:2]: SSL state (accept): before/accept
initialization
2005.12.13 09:11:23 LOG7[11506:0]: Waiting 300 second(s) for 3 file
descriptor(s)
2005.12.13 09:11:23 LOG7[11506:0]: CONTEXT 1, FD=6, (IN)->()
2005.12.13 09:11:23 LOG7[11506:0]: CONTEXT 1, FD=9, (IN)->()
2005.12.13 09:11:23 LOG7[11506:0]: CONTEXT 2, FD=10, (IN)->(IN)
2005.12.13 09:11:23 LOG7[11506:2]: SSL state (accept): SSLv3 read client
hello A
2005.12.13 09:11:23 LOG7[11506:2]: SSL state (accept): SSLv3 write
server hello A
2005.12.13 09:11:23 LOG7[11506:2]: SSL state (accept): SSLv3 write
certificate A
2005.12.13 09:11:23 LOG7[11506:2]: SSL state (accept): SSLv3 write
server done A
2005.12.13 09:11:23 LOG7[11506:2]: SSL state (accept): SSLv3 flush data
2005.12.13 09:11:23 LOG7[11506:0]: Waiting 300 second(s) for 3 file
descriptor(s)
2005.12.13 09:11:25 LOG7[11506:0]: CONTEXT 1, FD=6, (IN)->()
2005.12.13 09:11:25 LOG7[11506:0]: CONTEXT 1, FD=9, (IN)->()
2005.12.13 09:11:25 LOG7[11506:0]: CONTEXT 2, FD=10, (IN)->(IN)
2005.12.13 09:11:25 LOG7[11506:2]: SSL state (accept): SSLv3 read client
key exchange A
2005.12.13 09:11:25 LOG7[11506:2]: SSL state (accept): SSLv3 read
finished A
2005.12.13 09:11:25 LOG7[11506:2]: SSL state (accept): SSLv3 write
change cipher spec A
2005.12.13 09:11:25 LOG7[11506:2]: SSL state (accept): SSLv3 write
finished A
2005.12.13 09:11:25 LOG7[11506:2]: SSL state (accept): SSLv3 flush data
2005.12.13 09:11:25 LOG7[11506:2]: 1 items in the session cache
2005.12.13 09:11:25 LOG7[11506:2]: 0 client connects (SSL_connect())
2005.12.13 09:11:25 LOG7[11506:2]: 0 client connects that finished
2005.12.13 09:11:25 LOG7[11506:2]: 0 client renegotiatations requested
2005.12.13 09:11:25 LOG7[11506:2]: 1 server connects (SSL_accept())
2005.12.13 09:11:25 LOG7[11506:2]: 1 server connects that finished
2005.12.13 09:11:25 LOG7[11506:2]: 0 server renegotiatiations requested
2005.12.13 09:11:25 LOG7[11506:2]: 0 session cache hits
2005.12.13 09:11:25 LOG7[11506:2]: 0 session cache misses
2005.12.13 09:11:25 LOG7[11506:2]: 0 session cache timeouts
2005.12.13 09:11:25 LOG6[11506:2]: SSL accepted: new session negotiated
2005.12.13 09:11:25 LOG6[11506:2]: Negotiated ciphers:
AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
2005.12.13 09:11:25 LOG7[11506:2]: FD 11 in non-blocking mode
2005.12.13 09:11:25 LOG7[11506:2]: ssyslog connecting 10.10.2.1:25
2005.12.13 09:11:25 LOG7[11506:2]: connect_wait: waiting 10 seconds
2005.12.13 09:11:25 LOG7[11506:0]: Waiting 10 second(s) for 3 file
descriptor(s)
2005.12.13 09:11:35 LOG7[11506:0]: CONTEXT 1, FD=6, (IN)->()
2005.12.13 09:11:35 LOG7[11506:0]: CONTEXT 1, FD=9, (IN)->()
2005.12.13 09:11:35 LOG7[11506:0]: CONTEXT 2, FD=11, (INOUT)->()
2005.12.13 09:11:35 LOG6[11506:2]: connect_wait: s_poll_wait timeout
2005.12.13 09:11:35 LOG3[11506:2]: Failed to initialize remote connection
2005.12.13 09:11:35 LOG7[11506:2]: ssyslog finished (0 left)
2005.12.13 09:11:35 LOG5[11506:2]: stack_info: size=65536, current=4204
(6%), maximum=4204 (6%)
2005.12.13 09:11:35 LOG7[11506:2]: Context 2 closed
2005.12.13 09:11:35 LOG7[11506:0]: Waiting -1 second(s) for 2 file
descriptor(s)


Client:

2005.12.13 09:05:26 LOG5[17901:1]: stunnel 4.14 on i686-pc-linux-gnu
UCONTEXT+POLL+IPv4 with OpenSSL 0.9.7 31 Dec 2002
2005.12.13 09:05:26 LOG7[17901:1]: Snagged 64 random bytes from /root/.rnd
2005.12.13 09:05:26 LOG7[17901:1]: Wrote 1024 new random bytes to
/root/.rnd
2005.12.13 09:05:26 LOG7[17901:1]: RAND_status claims sufficient entropy
for the PRNG
2005.12.13 09:05:26 LOG6[17901:1]: PRNG seeded successfully
2005.12.13 09:05:26 LOG7[17901:1]: Certificate:
/usr/local/etc/stunnel/stunnel.pem
2005.12.13 09:05:26 LOG7[17901:1]: Key file:
/usr/local/etc/stunnel/stunnel.pem
2005.12.13 09:05:26 LOG6[17901:1]: file ulimit = 1024 (can be changed
with 'ulimit -n')
2005.12.13 09:05:26 LOG6[17901:1]: poll() used - no FD_SETSIZE limit for
file descriptors
2005.12.13 09:05:26 LOG5[17901:1]: 500 clients allowed
2005.12.13 09:05:26 LOG7[17901:1]: FD 5 in non-blocking mode
2005.12.13 09:05:26 LOG7[17901:1]: FD 7 in non-blocking mode
2005.12.13 09:05:26 LOG7[17901:1]: FD 8 in non-blocking mode
2005.12.13 09:05:26 LOG7[17901:1]: SO_REUSEADDR option set on accept socket
2005.12.13 09:05:26 LOG7[17901:1]: ssyslog bound to 0.0.0.0:2514
2005.12.13 09:05:26 LOG7[17902:1]: Created pid file
/usr/local/etc/stunnel/stunnel.pid
2005.12.13 09:05:26 LOG7[17902:0]: Waiting -1 second(s) for 2 file
descriptor(s)
2005.12.13 09:07:03 LOG7[17902:0]: CONTEXT 1, FD=5, (IN)->()
2005.12.13 09:07:03 LOG7[17902:0]: CONTEXT 1, FD=8, (IN)->(IN)
2005.12.13 09:07:03 LOG7[17902:1]: ssyslog accepted FD=9 from
127.0.0.1:40024
2005.12.13 09:07:03 LOG7[17902:1]: Creating a new context
2005.12.13 09:07:03 LOG7[17902:1]: Context 2 created
2005.12.13 09:07:03 LOG7[17902:2]: Context swap: 1 -> 2
2005.12.13 09:07:03 LOG7[17902:2]: ssyslog started
2005.12.13 09:07:03 LOG7[17902:2]: FD 9 in non-blocking mode
2005.12.13 09:07:03 LOG7[17902:2]: TCP_NODELAY option set on local socket
2005.12.13 09:07:03 LOG5[17902:2]: ssyslog connected from 127.0.0.1:40024
2005.12.13 09:07:03 LOG7[17902:2]: FD 10 in non-blocking mode
2005.12.13 09:07:03 LOG7[17902:2]: ssyslog connecting 195.56.52.140:2514
2005.12.13 09:07:03 LOG7[17902:2]: connect_wait: waiting 10 seconds
2005.12.13 09:07:03 LOG7[17902:0]: Waiting 10 second(s) for 3 file
descriptor(s)
2005.12.13 09:07:03 LOG7[17902:0]: CONTEXT 1, FD=5, (IN)->()
2005.12.13 09:07:03 LOG7[17902:0]: CONTEXT 1, FD=8, (IN)->()
2005.12.13 09:07:03 LOG7[17902:0]: CONTEXT 2, FD=10, (INOUT)->(OUT)
2005.12.13 09:07:03 LOG7[17902:2]: connect_wait: connected
2005.12.13 09:07:03 LOG7[17902:2]: Remote FD=10 initialized
2005.12.13 09:07:03 LOG7[17902:2]: TCP_NODELAY option set on remote socket
2005.12.13 09:07:03 LOG7[17902:2]: SSL state (connect): before/connect
initialization
2005.12.13 09:07:03 LOG7[17902:2]: SSL state (connect): SSLv3 write
client hello A
2005.12.13 09:07:03 LOG7[17902:0]: Waiting 300 second(s) for 3 file
descriptor(s)
2005.12.13 09:07:06 LOG7[17902:0]: CONTEXT 1, FD=5, (IN)->()
2005.12.13 09:07:06 LOG7[17902:0]: CONTEXT 1, FD=8, (IN)->()
2005.12.13 09:07:06 LOG7[17902:0]: CONTEXT 2, FD=10, (IN)->(IN)
2005.12.13 09:07:06 LOG7[17902:2]: SSL state (connect): SSLv3 read
server hello A
2005.12.13 09:07:06 LOG7[17902:2]: SSL state (connect): SSLv3 read
server certificate A
2005.12.13 09:07:06 LOG7[17902:2]: SSL state (connect): SSLv3 read
server done A
2005.12.13 09:07:06 LOG7[17902:2]: SSL state (connect): SSLv3 write
client key exchange A
2005.12.13 09:07:06 LOG7[17902:2]: SSL state (connect): SSLv3 write
change cipher spec A
2005.12.13 09:07:06 LOG7[17902:2]: SSL state (connect): SSLv3 write
finished A
2005.12.13 09:07:06 LOG7[17902:2]: SSL state (connect): SSLv3 flush data
2005.12.13 09:07:06 LOG7[17902:0]: Waiting 300 second(s) for 3 file
descriptor(s)
2005.12.13 09:07:08 LOG7[17902:0]: CONTEXT 1, FD=5, (IN)->()
2005.12.13 09:07:08 LOG7[17902:0]: CONTEXT 1, FD=8, (IN)->()
2005.12.13 09:07:08 LOG7[17902:0]: CONTEXT 2, FD=10, (IN)->(IN)
2005.12.13 09:07:08 LOG7[17902:2]: SSL state (connect): SSLv3 read
finished A
2005.12.13 09:07:08 LOG7[17902:2]: 1 items in the session cache
2005.12.13 09:07:08 LOG7[17902:2]: 1 client connects (SSL_connect())
2005.12.13 09:07:08 LOG7[17902:2]: 1 client connects that finished
2005.12.13 09:07:08 LOG7[17902:2]: 0 client renegotiatations requested
2005.12.13 09:07:08 LOG7[17902:2]: 0 server connects (SSL_accept())
2005.12.13 09:07:08 LOG7[17902:2]: 0 server connects that finished
2005.12.13 09:07:08 LOG7[17902:2]: 0 server renegotiatiations requested
2005.12.13 09:07:08 LOG7[17902:2]: 0 session cache hits
2005.12.13 09:07:08 LOG7[17902:2]: 0 session cache misses
2005.12.13 09:07:08 LOG7[17902:2]: 0 session cache timeouts
2005.12.13 09:07:08 LOG6[17902:2]: SSL connected: new session negotiated
2005.12.13 09:07:08 LOG6[17902:2]: Negotiated ciphers:
AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
2005.12.13 09:07:08 LOG7[17902:0]: Waiting 43200 second(s) for 4 file
descriptor(s)
2005.12.13 09:07:10 LOG7[17902:0]: CONTEXT 1, FD=5, (IN)->()
2005.12.13 09:07:10 LOG7[17902:0]: CONTEXT 1, FD=8, (IN)->()
2005.12.13 09:07:10 LOG7[17902:0]: CONTEXT 2, FD=9, (IN)->(IN)
2005.12.13 09:07:10 LOG7[17902:0]: CONTEXT 2, FD=10, (IN)->()
2005.12.13 09:07:10 LOG7[17902:0]: Waiting 43200 second(s) for 4 file
descriptor(s)
2005.12.13 09:07:10 LOG7[17902:0]: CONTEXT 1, FD=5, (IN)->()
2005.12.13 09:07:10 LOG7[17902:0]: CONTEXT 1, FD=8, (IN)->()
2005.12.13 09:07:10 LOG7[17902:0]: CONTEXT 2, FD=9, (IN)->()
2005.12.13 09:07:10 LOG7[17902:0]: CONTEXT 2, FD=10, (INOUT)->(OUT)
2005.12.13 09:07:10 LOG7[17902:0]: Waiting 43200 second(s) for 4 file
descriptor(s)
2005.12.13 09:07:11 LOG7[17902:0]: CONTEXT 1, FD=5, (IN)->()
2005.12.13 09:07:11 LOG7[17902:0]: CONTEXT 1, FD=8, (IN)->()
2005.12.13 09:07:11 LOG7[17902:0]: CONTEXT 2, FD=9, (IN)->(IN)
2005.12.13 09:07:11 LOG7[17902:0]: CONTEXT 2, FD=10, (IN)->()
2005.12.13 09:07:11 LOG7[17902:0]: Waiting 43200 second(s) for 4 file
descriptor(s)
2005.12.13 09:07:11 LOG7[17902:0]: CONTEXT 1, FD=5, (IN)->()
2005.12.13 09:07:11 LOG7[17902:0]: CONTEXT 1, FD=8, (IN)->()
2005.12.13 09:07:11 LOG7[17902:0]: CONTEXT 2, FD=9, (IN)->()
2005.12.13 09:07:11 LOG7[17902:0]: CONTEXT 2, FD=10, (INOUT)->(OUT)
2005.12.13 09:07:11 LOG7[17902:0]: Waiting 43200 second(s) for 4 file
descriptor(s)
2005.12.13 09:07:16 LOG7[17902:0]: CONTEXT 1, FD=5, (IN)->()
2005.12.13 09:07:16 LOG7[17902:0]: CONTEXT 1, FD=8, (IN)->()
2005.12.13 09:07:16 LOG7[17902:0]: CONTEXT 2, FD=9, (IN)->()
2005.12.13 09:07:16 LOG7[17902:0]: CONTEXT 2, FD=10, (IN)->(INERRHUP)
2005.12.13 09:07:16 LOG3[17902:2]: SSL_read: Connection reset by peer (104)
2005.12.13 09:07:16 LOG5[17902:2]: Connection reset: 4 bytes sent to
SSL, 0 bytes sent to socket
2005.12.13 09:07:16 LOG7[17902:2]: ssyslog finished (0 left)
2005.12.13 09:07:16 LOG5[17902:2]: stack_info: size=65536, current=4180
(6%), maximum=4180 (6%)
2005.12.13 09:07:16 LOG7[17902:2]: Context 2 closed
2005.12.13 09:07:16 LOG7[17902:0]: Waiting -1 second(s) for 2 file
descriptor(s)

Strange thing, I did set up a Windows box for testing, and I get the
exact same error messages when trying to connect to the server.

Any ideas?
_______________________________________________
stunnel-users mailing list
stunnel-users@mirt.net
http://stunnel.mirt.net/mailman/listinfo/stunnel-users
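
Added example, not part of the original post: a short triage script for stunnel 4.x debug logs like the two above. For each connection context it reports whether the TLS handshake completed, whether the TCP connect to the configured target completed, and the first LOG3-or-worse message. The sample lines are copied from the post's logs with the mail line wrapping undone; the function names and verdict strings are this example's own.

```python
import re

# Lines taken from the server and client logs in the post (wrapping undone).
SERVER_LOG = """\
2005.12.13 09:11:23 LOG5[11506:2]: ssyslog connected from 81.183.222.1:35225
2005.12.13 09:11:25 LOG6[11506:2]: SSL accepted: new session negotiated
2005.12.13 09:11:25 LOG7[11506:2]: ssyslog connecting 10.10.2.1:25
2005.12.13 09:11:35 LOG6[11506:2]: connect_wait: s_poll_wait timeout
2005.12.13 09:11:35 LOG3[11506:2]: Failed to initialize remote connection
"""
CLIENT_LOG = """\
2005.12.13 09:07:03 LOG7[17902:2]: ssyslog connecting 195.56.52.140:2514
2005.12.13 09:07:03 LOG7[17902:2]: connect_wait: connected
2005.12.13 09:07:08 LOG6[17902:2]: SSL connected: new session negotiated
2005.12.13 09:07:16 LOG3[17902:2]: SSL_read: Connection reset by peer (104)
"""

# date, time, LOG<level>[pid:context]: message
LINE = re.compile(r"^\S+ \S+ LOG(\d)\[(\d+):(\d+)\]: (.*)$")

def triage(log_text):
    """Summarise each connection context found in a stunnel debug log."""
    ctxs = {}
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # wrapped continuation line or unrelated text
        level, _pid, ctx, msg = m.groups()
        c = ctxs.setdefault(ctx, {"tls": False, "target": None,
                                  "target_up": False, "errors": []})
        if msg.startswith(("SSL accepted", "SSL connected")):
            c["tls"] = True                       # handshake finished
        elif " connecting " in msg:
            c["target"] = msg.rsplit(" ", 1)[1]   # host:port from "connect ="
        elif msg == "connect_wait: connected":
            c["target_up"] = True                 # TCP connect succeeded
        elif int(level) <= 3:
            c["errors"].append(msg)               # LOG3 (error) or worse
    return ctxs

def verdict(c):
    """Name the stage at which a connection context stopped."""
    if not c["tls"]:
        return "TLS handshake did not complete"
    if c["target"] and not c["target_up"]:
        return "TLS ok, TCP connect to %s failed" % c["target"]
    if c["errors"]:
        return "TLS ok, then: " + c["errors"][0]
    return "ok"
```

On these lines the server-side context finishes the TLS handshake and then times out on its outbound connect to 10.10.2.1:25, while the client side only sees the reset that follows.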