[stunnel-users] Multiple listeners with just one instance of Stunnel?

Nardmann, Heiko heiko.nardmann at secunet.com
Mon Feb 14 19:28:24 CET 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

How about this one (this works) - have you ever seen a Windows INI file?

[pop3s]
accept  = 995
connect = 110

[imaps]
accept  = 993
connect = 143

[ssmtp]
accept  = 465
connect = 25

[s1]
accept  = 5000
connect = server1:110

[s2]
accept  = 5001
connect = server2:25

[s10000]
accept = 10000
connect = 80

[10.1.1.100]
accept = 10100
connect = 80

[client-10.1.1.101]
accept = 10101
connect = 80

[Arbeitsstation-APC102]
accept = 10102
connect = 80

On Montag 14 Februar 2005 18:16, Michael Zarlenga wrote:
> re: Multiple listeners for 1 instance of Stunnel
>
> Ok, so in the Stunnel config file, would the proper way be:
>
> ...
> service = [service_1]
> [service_1]
> specific service_1 options
> service = [service_2]
> [service_2]
> specify service_2 options
> ...
>
> or would the proper way be:
>
> ...
> service = [service_1]
> service = [service_2]
> [service_1]
> specifiy service_1 options
> [service_2]
> specify  service_2 options
> ...
>
> Or doesn't it mater?
>
> Also, do all the global stunnel options (eg: verify, CAFile, cert amd
> key) apply to all services?
>
> Lastly, can I have two services forwarding to the same connect port?
>
>
> On Mon, 14 Feb 2005 10:12:15 +0100 (CET), Jan Meijer
>
> <jan.meijer at surfnet.nl> wrote:
> > On Fri, 11 Feb 2005, Michael Zarlenga wrote:
> > > It doesn't seem possible to start 1 instance of Stunnel for multiple
> > > accept ports.
> > >
> > > Judging by the format of the Stunnel configuration file, it seems that
> > > I need to 1 instance of Stunnel for each port that accepts connections
> > > from the outside world.
> > >
> > > Is this true?
> >
> > No.  Per listening port you define a service entry in the stunnel 4.x
> > configuration file.
> >
> > http://www.stunnel.org/faq/stunnel.html#servicelevel_options
> >
> > You'll have one configfile, one stunnel-daemon instance and multiple
> > listening ports.
> >
> > Jan
> >
> > --
> > http://www.surfnet.nl/organisatie/jame
>
> _______________________________________________
> stunnel-users mailing list
> stunnel-users at mirt.net
> http://stunnel.mirt.net/mailman/listinfo/stunnel-users

- -- 
Heiko Nardmann (Dipl.-Ing. Technische Informatik)
secunet Security Networks AG - Sicherheit in Netzwerken (www.secunet.de),
Weidenauer Str. 223-225, D-57076 Siegen
Tel. : +49 271 48950-13, Fax  : +49 271 48950-50

Besuchen Sie uns vom 10. - 16. März auf der CeBIT 2005 in Halle 7, Stand D38.

Informationen zu unseren CeBIT-Themen finden Sie unter www.secunet.com 
<outbind://44/www.secunet.com>  - wir freuen uns auf das Gespräch mit Ihnen.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFCEO3Jpm53PRScYygRAuS/AJ0ZkfSMSETvgxlP03VgJWzPlKMDGACgixAV
hB+Z8MzC3/knDQRXc7zrKFs=
=AlTK
-----END PGP SIGNATURE-----



More information about the stunnel-users mailing list