[stunnel-users] stunnel help

Anthony Cicalla Anthony.Cicalla at BankServ.com
Tue Feb 7 20:09:20 CET 2006

I sent an email last week for help with a stunnel setup.  I am attempting to
send syslog messages via a snare agent through stunnel to a fedora core 4
box with syslog-ng installed.  I have been able to get one machine to
successfully log to the fedora box out of 4.  I set these boxes up the same
way and I am confused as to why one is working and the others aren't .  

This is my stunnel.conf file for the clients
cert = C:\bin\stunnel\syslog-ng-server.pem
CAfile = c:\bin\stunnel\syslog-ng-client.pem
verify = 3
	accept =
	connect =

This is my stunnel.conf file for the server
cert = /etc/stunnel/syslog-ng-server.pem
CAfile = /etc/stunnel/syslog-ng-client.pem
verify = 3
        accept =
        connect =
This is my syslog-ng.conf file on the server

options {
    sync (0);
    time_reopen (10);
    log_fifo_size (1000);
    long_hostnames (off);
    use_dns (no);
    use_fqdn (no);
    create_dirs (no);
    keep_hostname (yes);

source s_sys {
    file ("/proc/kmsg" log_prefix("kernel: "));
    unix-stream ("/dev/log");
    udp(ip( port(514));
    tcp(ip( port(514));

destination d_cons { file("/dev/console"); };
destination d_mesg { file("/var/log/messages"); };
destination d_auth { file("/var/log/secure"); };

The snare agents are configured to send logs to 514.  

Any thoughts or idea's would be great.


-----Original Message-----
From: Michal Trojnara [mailto:Michal.Trojnara at mobi-com.net]
Sent: Tuesday, February 07, 2006 1:03 AM
To: stunnel-users at mirt.net
Subject: RE: [stunnel-users] stunnel closing connections with RST ?

sergei wrote:
> Is there any way to make stunnel without "client = yes"
> close connection "normal way" with FIN instead of RST ? 

Stunnel resets connections for a reason.
Probably it was reset by the other peer.
Check your stunnel log files for details.

Best regards,

stunnel-users mailing list
stunnel-users at mirt.net

More information about the stunnel-users mailing list