[stunnel-users] stunnel with SHOUTcast
Jan Meijer
jan.meijer at surfnet.nl
Wed Oct 20 19:24:54 CEST 2004
On Tue, 19 Oct 2004, Brian Hatch wrote:
>> Anyone gotten stunel to work with SHOUTcast or another streaming audio
>> server?
>
> Yikes!
>
> Does it use TCP only? If so, then it's probably possible. But
> most streaming protoools use UDP by default, and that won't work
> with Stunnel.
I think I once created a streaming audio thingie on my private website,
accessible by SSL and connected to that -over SSL- with stunnel on the
client-side. It worked like a charm. Can't remember what it was though.
If you look at this page
http://www.linuxforum.com/linux_tutorials/77/1.php it has some shoutcast
ipchains rules:
# Allow inbound Shoutcast
ipchains -A input -i eth0 -p TCP -s 0/0 -d 0/0 8000 -j ACCEPT
ipchains -A input -i eth0 -p TCP -s 0/0 -d 0/0 8010 -j ACCEPT
ipchains -A input -i eth0 -p TCP -s 0/0 -d 0/0 8020 -j ACCEPT
ipchains -A input -i eth0 -p TCP -s 0/0 -d 0/0 8030 -j ACCEPT
#Speed up output of Shoutcast w/TOS arguments
ipchains -A output -p tcp -d 0.0.0.0/0 8000 -t 0x01 0x08
ipchains -A output -p tcp -d 0.0.0.0/0 8010 -t 0x01 0x08
ipchains -A output -p tcp -d 0.0.0.0/0 8020 -t 0x01 0x08
ipchains -A output -p tcp -d 0.0.0.0/0 8030 -t 0x01 0x08
Which would lead one to believe that shoutcast is really TCP.
The shoutcast docs speak about a port + 1.
http://www.shoutcast.com/support/docs/docs.phtml?filenumber=110&language=english&layout=print&prevlayout=normal
Why don't you just connect to it cleartext, check with tcpdump or ethereal
what traffic goes over the wire and if it's tcp to/fro one port you can
tunnel it with stunnel :).
Jan
--
http://www.surfnet.nl/organisatie/jame
More information about the stunnel-users
mailing list