-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Dear Users,
Please take a look at the latest stunnel-5.08b4 available for download on https://www.stunnel.org/downloads.html
It adds support for SOCKS4 and SOCKS4a protocols. The SOCKS protocol itself is encapsulated within SSL/TLS encryption layer to protect the final destination address. http://www.openssh.com/txt/socks4.protocol http://www.openssh.com/txt/socks4a.protocol
The BIND command of the SOCKS protocol is not supported. The USERID parameter is ignored.
To setup SOCKS4 VPN configure the following client service:
[socks_client] client = yes accept = 127.0.0.1:1080 connect = vpn_server:9080 verify = 4 CAfile = stunnel.pem
The corresponding configuration on the vpn_server host:
[socks_server] protocol = socks accept = 9080 cert = stunnel.pem key = stunnel.key
Now test your configuration on the client machine with:
curl --socks4a localhost http://www.example.com/
Mike
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi Guys,
In stunnel-5.08b5 I also implemented SOCKS5 support. So far I tested it on Chromium/Ubuntu and Firefox.
https://www.stunnel.org/downloads.html
Remote resolver is supported in both SOCKS4a and SOCKS5, so stunnel can be used to prevent DNS queries from leaking hostnames to the local network.
Mike
-
Michal Trojnara