[stunnel-users] Wildcard usage

Knight Tiger caugar at gmail.com
Mon Oct 8 21:38:20 CEST 2007


I am new to STUNNEL and I find it very useful for what I am doing right now.
I would like to know if STUNNEL does support the functionality I require. I
shall describe the situation below.

I run a  SIP messaging server (SIP is a VoIP protocol used to establish
voice calls over the Internet). STUNNEL is running on the same machine as
the SIP server. The SIP server listens on a specific port say 8000 so I have
in the config file

accept = 10000
connect = localhost:8000

and it works beautifully as the client sends the message through a SSL
connection to port 10000 on the machine. So far so good.

Now I need the server to send a message to the client.

SIP server -----> STUNNEL ------> client .

Here STUNNEL acts as a SSL client and the client acts as the SSL server.
(Both the client and STUNNEL support this functionality), so in the config
file I have

accept = 11000
connect = ?:8000

How can I code in the client IP address (I know the port number where the
client's SSL server is listening on) when I dont know the client IP address
before hand ? (The client is typically assigned IP address by a DHCP server)
and I will have more than one client which would be acting as a server.

The SIP server will know the client's IP address when the client sends a
request. (SIP server can determine the IP address from the SIP message and
not from the IP header) . So now the message from the SIP server will have
the client's IP address but STUNNEL does not have a config for that IP
address (since it is dynamic and I need to support many clients) and hence
STUNNEL will not create a SSL tunnel to the client.

Can I have wildcard for the IP address ? something like
accept = 11000
connect = *:8000 and have STUNNEL get the destination IP from the message ?

I thank you all in advance,
Warm Regards
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20071008/2ef8bbc8/attachment.html>

More information about the stunnel-users mailing list