[stunnel-users] Cannot establish stunnel

McDouglas mcdouglas at mmcomputer.hu
Tue Dec 13 09:48:41 CET 2005


Hi,

I have difficulties setting up a tunnel between two Linux boxes I 
administer. Right now it's only in the test phase; I would like to make an 
stunnel connection to the SMTP server at 195.56.52.140. My final goal is 
to set up syslog through stunnel, that's why the port name/numbers.


Config file for the server:

cert = /usr/local/etc/stunnel/stunnel.pem
pid = /usr/local/etc/stunnel/stunnel.pid
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
debug = 7
output = /usr/local/etc/stunnel/stunnel.log
[ssyslog]
accept = 195.56.52.140:2514
connect = 10.10.2.1:25

Config file for the client:

cert = /usr/local/etc/stunnel/stunnel.pem
pid = /usr/local/etc/stunnel/stunnel.pid
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
debug = 7
output = /usr/local/etc/stunnel/stunnel.log
client = yes
[ssyslog]
accept = 2514
connect = 195.56.52.140:2514

I get the following messages in the logs after executing a "telnet 
127.0.0.1 2514" command on the client machine (of course, SMTP works on 
the other side, and I set iptables to allow incoming connections on 
2514 dport):

Server:

2005.12.13 09:09:22 LOG5[11505:1]: stunnel 4.14 on i686-pc-linux-gnu 
UCONTEXT+POLL+IPv4 with OpenSSL 0.9.7e 25 Oct 2004
2005.12.13 09:09:22 LOG7[11505:1]: Snagged 64 random bytes from /root/.rnd
2005.12.13 09:09:22 LOG7[11505:1]: Wrote 1024 new random bytes to 
/root/.rnd
2005.12.13 09:09:22 LOG7[11505:1]: RAND_status claims sufficient entropy 
for the PRNG
2005.12.13 09:09:22 LOG6[11505:1]: PRNG seeded successfully
2005.12.13 09:09:22 LOG7[11505:1]: Certificate: 
/usr/local/etc/stunnel/stunnel.pem
2005.12.13 09:09:22 LOG7[11505:1]: Key file: 
/usr/local/etc/stunnel/stunnel.pem
2005.12.13 09:09:22 LOG6[11505:1]: file ulimit = 1024 (can be changed 
with 'ulimit -n')
2005.12.13 09:09:22 LOG6[11505:1]: poll() used - no FD_SETSIZE limit for 
file descriptors
2005.12.13 09:09:22 LOG5[11505:1]: 500 clients allowed
2005.12.13 09:09:22 LOG7[11505:1]: FD 6 in non-blocking mode
2005.12.13 09:09:22 LOG7[11505:1]: FD 8 in non-blocking mode
2005.12.13 09:09:22 LOG7[11505:1]: FD 9 in non-blocking mode
2005.12.13 09:09:22 LOG7[11505:1]: SO_REUSEADDR option set on accept socket
2005.12.13 09:09:22 LOG7[11505:1]: ssyslog bound to 195.56.52.140:2514
2005.12.13 09:09:22 LOG7[11506:1]: Created pid file 
/usr/local/etc/stunnel/stunnel.pid
2005.12.13 09:09:22 LOG7[11506:0]: Waiting -1 second(s) for 2 file 
descriptor(s)
2005.12.13 09:11:23 LOG7[11506:0]: CONTEXT 1, FD=6, (IN)->()
2005.12.13 09:11:23 LOG7[11506:0]: CONTEXT 1, FD=9, (IN)->(IN)
2005.12.13 09:11:23 LOG7[11506:1]: ssyslog accepted FD=10 from 
81.183.222.1:35225
2005.12.13 09:11:23 LOG7[11506:1]: Creating a new context
2005.12.13 09:11:23 LOG7[11506:1]: Context 2 created
2005.12.13 09:11:23 LOG7[11506:2]: Context swap: 1 -> 2
2005.12.13 09:11:23 LOG7[11506:2]: ssyslog started
2005.12.13 09:11:23 LOG7[11506:2]: FD 10 in non-blocking mode
2005.12.13 09:11:23 LOG7[11506:2]: TCP_NODELAY option set on local socket
2005.12.13 09:11:23 LOG5[11506:2]: ssyslog connected from 
81.183.222.1:35225
2005.12.13 09:11:23 LOG7[11506:2]: SSL state (accept): before/accept 
initialization
2005.12.13 09:11:23 LOG7[11506:0]: Waiting 300 second(s) for 3 file 
descriptor(s)
2005.12.13 09:11:23 LOG7[11506:0]: CONTEXT 1, FD=6, (IN)->()
2005.12.13 09:11:23 LOG7[11506:0]: CONTEXT 1, FD=9, (IN)->()
2005.12.13 09:11:23 LOG7[11506:0]: CONTEXT 2, FD=10, (IN)->(IN)
2005.12.13 09:11:23 LOG7[11506:2]: SSL state (accept): SSLv3 read client 
hello A
2005.12.13 09:11:23 LOG7[11506:2]: SSL state (accept): SSLv3 write 
server hello A
2005.12.13 09:11:23 LOG7[11506:2]: SSL state (accept): SSLv3 write 
certificate A
2005.12.13 09:11:23 LOG7[11506:2]: SSL state (accept): SSLv3 write 
server done A
2005.12.13 09:11:23 LOG7[11506:2]: SSL state (accept): SSLv3 flush data
2005.12.13 09:11:23 LOG7[11506:0]: Waiting 300 second(s) for 3 file 
descriptor(s)
2005.12.13 09:11:25 LOG7[11506:0]: CONTEXT 1, FD=6, (IN)->()
2005.12.13 09:11:25 LOG7[11506:0]: CONTEXT 1, FD=9, (IN)->()
2005.12.13 09:11:25 LOG7[11506:0]: CONTEXT 2, FD=10, (IN)->(IN)
2005.12.13 09:11:25 LOG7[11506:2]: SSL state (accept): SSLv3 read client 
key exchange A
2005.12.13 09:11:25 LOG7[11506:2]: SSL state (accept): SSLv3 read 
finished A
2005.12.13 09:11:25 LOG7[11506:2]: SSL state (accept): SSLv3 write 
change cipher spec A
2005.12.13 09:11:25 LOG7[11506:2]: SSL state (accept): SSLv3 write 
finished A
2005.12.13 09:11:25 LOG7[11506:2]: SSL state (accept): SSLv3 flush data
2005.12.13 09:11:25 LOG7[11506:2]:    1 items in the session cache
2005.12.13 09:11:25 LOG7[11506:2]:    0 client connects (SSL_connect())
2005.12.13 09:11:25 LOG7[11506:2]:    0 client connects that finished
2005.12.13 09:11:25 LOG7[11506:2]:    0 client renegotiatations requested
2005.12.13 09:11:25 LOG7[11506:2]:    1 server connects (SSL_accept())
2005.12.13 09:11:25 LOG7[11506:2]:    1 server connects that finished
2005.12.13 09:11:25 LOG7[11506:2]:    0 server renegotiatiations requested
2005.12.13 09:11:25 LOG7[11506:2]:    0 session cache hits
2005.12.13 09:11:25 LOG7[11506:2]:    0 session cache misses
2005.12.13 09:11:25 LOG7[11506:2]:    0 session cache timeouts
2005.12.13 09:11:25 LOG6[11506:2]: SSL accepted: new session negotiated
2005.12.13 09:11:25 LOG6[11506:2]: Negotiated ciphers: 
AES256-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA1
2005.12.13 09:11:25 LOG7[11506:2]: FD 11 in non-blocking mode
2005.12.13 09:11:25 LOG7[11506:2]: ssyslog connecting 10.10.2.1:25
2005.12.13 09:11:25 LOG7[11506:2]: connect_wait: waiting 10 seconds
2005.12.13 09:11:25 LOG7[11506:0]: Waiting 10 second(s) for 3 file 
descriptor(s)
2005.12.13 09:11:35 LOG7[11506:0]: CONTEXT 1, FD=6, (IN)->()
2005.12.13 09:11:35 LOG7[11506:0]: CONTEXT 1, FD=9, (IN)->()
2005.12.13 09:11:35 LOG7[11506:0]: CONTEXT 2, FD=11, (INOUT)->()
2005.12.13 09:11:35 LOG6[11506:2]: connect_wait: s_poll_wait timeout
2005.12.13 09:11:35 LOG3[11506:2]: Failed to initialize remote connection
2005.12.13 09:11:35 LOG7[11506:2]: ssyslog finished (0 left)
2005.12.13 09:11:35 LOG5[11506:2]: stack_info: size=65536, current=4204 
(6%), maximum=4204 (6%)
2005.12.13 09:11:35 LOG7[11506:2]: Context 2 closed
2005.12.13 09:11:35 LOG7[11506:0]: Waiting -1 second(s) for 2 file 
descriptor(s)


Client:

2005.12.13 09:05:26 LOG5[17901:1]: stunnel 4.14 on i686-pc-linux-gnu 
UCONTEXT+POLL+IPv4 with OpenSSL 0.9.7 31 Dec 2002
2005.12.13 09:05:26 LOG7[17901:1]: Snagged 64 random bytes from /root/.rnd
2005.12.13 09:05:26 LOG7[17901:1]: Wrote 1024 new random bytes to 
/root/.rnd
2005.12.13 09:05:26 LOG7[17901:1]: RAND_status claims sufficient entropy 
for the PRNG
2005.12.13 09:05:26 LOG6[17901:1]: PRNG seeded successfully
2005.12.13 09:05:26 LOG7[17901:1]: Certificate: 
/usr/local/etc/stunnel/stunnel.pem
2005.12.13 09:05:26 LOG7[17901:1]: Key file: 
/usr/local/etc/stunnel/stunnel.pem
2005.12.13 09:05:26 LOG6[17901:1]: file ulimit = 1024 (can be changed 
with 'ulimit -n')
2005.12.13 09:05:26 LOG6[17901:1]: poll() used - no FD_SETSIZE limit for 
file descriptors
2005.12.13 09:05:26 LOG5[17901:1]: 500 clients allowed
2005.12.13 09:05:26 LOG7[17901:1]: FD 5 in non-blocking mode
2005.12.13 09:05:26 LOG7[17901:1]: FD 7 in non-blocking mode
2005.12.13 09:05:26 LOG7[17901:1]: FD 8 in non-blocking mode
2005.12.13 09:05:26 LOG7[17901:1]: SO_REUSEADDR option set on accept socket
2005.12.13 09:05:26 LOG7[17901:1]: ssyslog bound to 0.0.0.0:2514
2005.12.13 09:05:26 LOG7[17902:1]: Created pid file 
/usr/local/etc/stunnel/stunnel.pid
2005.12.13 09:05:26 LOG7[17902:0]: Waiting -1 second(s) for 2 file 
descriptor(s)
2005.12.13 09:07:03 LOG7[17902:0]: CONTEXT 1, FD=5, (IN)->()
2005.12.13 09:07:03 LOG7[17902:0]: CONTEXT 1, FD=8, (IN)->(IN)
2005.12.13 09:07:03 LOG7[17902:1]: ssyslog accepted FD=9 from 
127.0.0.1:40024
2005.12.13 09:07:03 LOG7[17902:1]: Creating a new context
2005.12.13 09:07:03 LOG7[17902:1]: Context 2 created
2005.12.13 09:07:03 LOG7[17902:2]: Context swap: 1 -> 2
2005.12.13 09:07:03 LOG7[17902:2]: ssyslog started
2005.12.13 09:07:03 LOG7[17902:2]: FD 9 in non-blocking mode
2005.12.13 09:07:03 LOG7[17902:2]: TCP_NODELAY option set on local socket
2005.12.13 09:07:03 LOG5[17902:2]: ssyslog connected from 127.0.0.1:40024
2005.12.13 09:07:03 LOG7[17902:2]: FD 10 in non-blocking mode
2005.12.13 09:07:03 LOG7[17902:2]: ssyslog connecting 195.56.52.140:2514
2005.12.13 09:07:03 LOG7[17902:2]: connect_wait: waiting 10 seconds
2005.12.13 09:07:03 LOG7[17902:0]: Waiting 10 second(s) for 3 file 
descriptor(s)
2005.12.13 09:07:03 LOG7[17902:0]: CONTEXT 1, FD=5, (IN)->()
2005.12.13 09:07:03 LOG7[17902:0]: CONTEXT 1, FD=8, (IN)->()
2005.12.13 09:07:03 LOG7[17902:0]: CONTEXT 2, FD=10, (INOUT)->(OUT)
2005.12.13 09:07:03 LOG7[17902:2]: connect_wait: connected
2005.12.13 09:07:03 LOG7[17902:2]: Remote FD=10 initialized
2005.12.13 09:07:03 LOG7[17902:2]: TCP_NODELAY option set on remote socket
2005.12.13 09:07:03 LOG7[17902:2]: SSL state (connect): before/connect 
initialization
2005.12.13 09:07:03 LOG7[17902:2]: SSL state (connect): SSLv3 write 
client hello A
2005.12.13 09:07:03 LOG7[17902:0]: Waiting 300 second(s) for 3 file 
descriptor(s)
2005.12.13 09:07:06 LOG7[17902:0]: CONTEXT 1, FD=5, (IN)->()
2005.12.13 09:07:06 LOG7[17902:0]: CONTEXT 1, FD=8, (IN)->()
2005.12.13 09:07:06 LOG7[17902:0]: CONTEXT 2, FD=10, (IN)->(IN)
2005.12.13 09:07:06 LOG7[17902:2]: SSL state (connect): SSLv3 read 
server hello A
2005.12.13 09:07:06 LOG7[17902:2]: SSL state (connect): SSLv3 read 
server certificate A
2005.12.13 09:07:06 LOG7[17902:2]: SSL state (connect): SSLv3 read 
server done A
2005.12.13 09:07:06 LOG7[17902:2]: SSL state (connect): SSLv3 write 
client key exchange A
2005.12.13 09:07:06 LOG7[17902:2]: SSL state (connect): SSLv3 write 
change cipher spec A
2005.12.13 09:07:06 LOG7[17902:2]: SSL state (connect): SSLv3 write 
finished A
2005.12.13 09:07:06 LOG7[17902:2]: SSL state (connect): SSLv3 flush data
2005.12.13 09:07:06 LOG7[17902:0]: Waiting 300 second(s) for 3 file 
descriptor(s)
2005.12.13 09:07:08 LOG7[17902:0]: CONTEXT 1, FD=5, (IN)->()
2005.12.13 09:07:08 LOG7[17902:0]: CONTEXT 1, FD=8, (IN)->()
2005.12.13 09:07:08 LOG7[17902:0]: CONTEXT 2, FD=10, (IN)->(IN)
2005.12.13 09:07:08 LOG7[17902:2]: SSL state (connect): SSLv3 read 
finished A
2005.12.13 09:07:08 LOG7[17902:2]:    1 items in the session cache
2005.12.13 09:07:08 LOG7[17902:2]:    1 client connects (SSL_connect())
2005.12.13 09:07:08 LOG7[17902:2]:    1 client connects that finished
2005.12.13 09:07:08 LOG7[17902:2]:    0 client renegotiatations requested
2005.12.13 09:07:08 LOG7[17902:2]:    0 server connects (SSL_accept())
2005.12.13 09:07:08 LOG7[17902:2]:    0 server connects that finished
2005.12.13 09:07:08 LOG7[17902:2]:    0 server renegotiatiations requested
2005.12.13 09:07:08 LOG7[17902:2]:    0 session cache hits
2005.12.13 09:07:08 LOG7[17902:2]:    0 session cache misses
2005.12.13 09:07:08 LOG7[17902:2]:    0 session cache timeouts
2005.12.13 09:07:08 LOG6[17902:2]: SSL connected: new session negotiated
2005.12.13 09:07:08 LOG6[17902:2]: Negotiated ciphers: 
AES256-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA1
2005.12.13 09:07:08 LOG7[17902:0]: Waiting 43200 second(s) for 4 file 
descriptor(s)
2005.12.13 09:07:10 LOG7[17902:0]: CONTEXT 1, FD=5, (IN)->()
2005.12.13 09:07:10 LOG7[17902:0]: CONTEXT 1, FD=8, (IN)->()
2005.12.13 09:07:10 LOG7[17902:0]: CONTEXT 2, FD=9, (IN)->(IN)
2005.12.13 09:07:10 LOG7[17902:0]: CONTEXT 2, FD=10, (IN)->()
2005.12.13 09:07:10 LOG7[17902:0]: Waiting 43200 second(s) for 4 file 
descriptor(s)
2005.12.13 09:07:10 LOG7[17902:0]: CONTEXT 1, FD=5, (IN)->()
2005.12.13 09:07:10 LOG7[17902:0]: CONTEXT 1, FD=8, (IN)->()
2005.12.13 09:07:10 LOG7[17902:0]: CONTEXT 2, FD=9, (IN)->()
2005.12.13 09:07:10 LOG7[17902:0]: CONTEXT 2, FD=10, (INOUT)->(OUT)
2005.12.13 09:07:10 LOG7[17902:0]: Waiting 43200 second(s) for 4 file 
descriptor(s)
2005.12.13 09:07:11 LOG7[17902:0]: CONTEXT 1, FD=5, (IN)->()
2005.12.13 09:07:11 LOG7[17902:0]: CONTEXT 1, FD=8, (IN)->()
2005.12.13 09:07:11 LOG7[17902:0]: CONTEXT 2, FD=9, (IN)->(IN)
2005.12.13 09:07:11 LOG7[17902:0]: CONTEXT 2, FD=10, (IN)->()
2005.12.13 09:07:11 LOG7[17902:0]: Waiting 43200 second(s) for 4 file 
descriptor(s)
2005.12.13 09:07:11 LOG7[17902:0]: CONTEXT 1, FD=5, (IN)->()
2005.12.13 09:07:11 LOG7[17902:0]: CONTEXT 1, FD=8, (IN)->()
2005.12.13 09:07:11 LOG7[17902:0]: CONTEXT 2, FD=9, (IN)->()
2005.12.13 09:07:11 LOG7[17902:0]: CONTEXT 2, FD=10, (INOUT)->(OUT)
2005.12.13 09:07:11 LOG7[17902:0]: Waiting 43200 second(s) for 4 file 
descriptor(s)
2005.12.13 09:07:16 LOG7[17902:0]: CONTEXT 1, FD=5, (IN)->()
2005.12.13 09:07:16 LOG7[17902:0]: CONTEXT 1, FD=8, (IN)->()
2005.12.13 09:07:16 LOG7[17902:0]: CONTEXT 2, FD=9, (IN)->()
2005.12.13 09:07:16 LOG7[17902:0]: CONTEXT 2, FD=10, (IN)->(INERRHUP)
2005.12.13 09:07:16 LOG3[17902:2]: SSL_read: Connection reset by peer (104)
2005.12.13 09:07:16 LOG5[17902:2]: Connection reset: 4 bytes sent to 
SSL, 0 bytes sent to socket
2005.12.13 09:07:16 LOG7[17902:2]: ssyslog finished (0 left)
2005.12.13 09:07:16 LOG5[17902:2]: stack_info: size=65536, current=4180 
(6%), maximum=4180 (6%)
2005.12.13 09:07:16 LOG7[17902:2]: Context 2 closed
2005.12.13 09:07:16 LOG7[17902:0]: Waiting -1 second(s) for 2 file 
descriptor(s)

Strange thing: I did set up a Windows box for testing, and I get the 
exact same error messages when trying to connect to the server.

Any ideas?
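
An added example, not part of the original post: a small Python triage helper that rejoins the mail-wrapped stunnel 4.x log records and reports the first error-level record on each side, run over trimmed excerpts of the two logs above. The function names and stage labels are assumptions made for illustration.

```python
import re

# stunnel 4.x log record: "2005.12.13 09:11:25 LOG7[11506:2]: message"
RECORD = re.compile(r"^(\S+ \S+) LOG(\d)\[(\d+):(\d+)\]: ?(.*)$")

def unwrap(text):
    """Rejoin records that a mail client folded onto continuation lines."""
    records = []
    for raw in text.splitlines():
        if RECORD.match(raw):
            records.append(raw.rstrip())
        elif raw.strip() and records:
            records[-1] += " " + raw.strip()
    return records

def diagnose(text):
    """Return (stage, target, tls_done) for the first LOG3-or-worse record."""
    tls_done, target = False, None
    for rec in unwrap(text):
        _ts, level, _pid, _ctx, msg = RECORD.match(rec).groups()
        if msg.startswith(("SSL accepted:", "SSL connected:")):
            tls_done = True
        m = re.search(r"connecting (\S+)$", msg)
        if m:
            target = m.group(1)  # address stunnel is about to dial
        if int(level) <= 3:  # syslog severity 3 (err) or more severe
            if "Failed to initialize remote connection" in msg:
                return ("backend-connect-failed", target, tls_done)
            if "Connection reset by peer" in msg:
                return ("reset-by-peer", target, tls_done)
            return ("other-error", target, tls_done)
    return ("no-error", target, tls_done)

# Trimmed excerpts of the two logs in the post above (one wrapped record kept).
SERVER_LOG = """\
2005.12.13 09:11:25 LOG6[11506:2]: SSL accepted: new session negotiated
2005.12.13 09:11:25 LOG7[11506:2]: ssyslog connecting 10.10.2.1:25
2005.12.13 09:11:35 LOG6[11506:2]: connect_wait: s_poll_wait timeout
2005.12.13 09:11:35 LOG3[11506:2]: Failed to initialize remote connection
"""
CLIENT_LOG = """\
2005.12.13 09:07:03 LOG7[17902:2]: ssyslog connecting 195.56.52.140:2514
2005.12.13 09:07:08 LOG6[17902:2]: SSL connected: new session negotiated
2005.12.13 09:07:16 LOG3[17902:2]: SSL_read: Connection reset by peer (104)
2005.12.13 09:07:16 LOG5[17902:2]: Connection reset: 4 bytes sent to
SSL, 0 bytes sent to socket
"""

if __name__ == "__main__":
    print("server:", diagnose(SERVER_LOG))
    print("client:", diagnose(CLIENT_LOG))
```

On these excerpts the server side is reported as having completed TLS and then failed while connecting to 10.10.2.1:25, and the client side as a reset after TLS was established.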


