[stunnel-users] almost working

Craig Retief stunnel at rsw.co.za
Sun Oct 14 12:10:04 CEST 2007


> netstat -ltp shows inetd is listening to port 993.

If inetd is listening on port 993 then stunnel will not be able to bind to
that port since inetd has already bind to it.

If you will only be connecting to the inetd via stunnel then I recommend
that you change your listening port for inetd to something else than 993 on
the inetd config itself and restart inetd. Then you change your stunnel conf
to reflect this.

[imaps]
accept  = 993

connect = 127.0.0.1:<the_new_inetd_port>

cert    = /etc/ssl/certs/alpha.just-email.com.pem
key     = /etc/ssl/certs/alpha.just-email.com.pem
session = 14400
TIMEOUTidle = 14400

Where <the_new_inetd_port> = the new port you specified in the inetd config
file.

Hope this helps

Let me know if you get stuck.

Craig

> 
> Here's my config.
> 
> cert = /etc/stunnel/stunnel.pem
> key = /etc/stunnel/stunnel.pem
> 
> sslVersion = SSLv3
> 
> chroot = /var/lib/stunnel4/
> setuid = stunnel4
> setgid = stunnel4
> pid = /stunnel4.pid
> service=inetd
> 
> socket = l:TCP_NODELAY=1
> socket = r:TCP_NODELAY=1
> 
> debug = 7
> output = /var/log/stunnel4/stunnel.log
> 
> [imaps]
> accept  = 993
> connect = 143
> cert    = /etc/ssl/certs/alpha.just-email.com.pem
> key     = /etc/ssl/certs/alpha.just-email.com.pem
> session = 14400
> TIMEOUTidle = 14400
> 
> 
> On Oct 12, 2007, at 7:27 AM, Craig Retief wrote:
> 
> >
> > Please post your config,
> >
> >
> >
> > -----Original Message-----
> > From: stunnel-users-bounces at mirt.net [mailto:stunnel-users-
> > bounces at mirt.net]
> > On Behalf Of Tom Allison
> > Sent: 10 October 2007 04:11 AM
> > To: stunnel-users at mirt.net
> > Subject: [stunnel-users] almost working
> >
> > I'm trying to tunnel imap but I'm not getting past this:
> >
> >
> >
> > 2007.10.08 05:56:28 LOG5[5355:47656983060560]: stunnel 4.18 on
> > x86_64-pc-linux-gnu with OpenSSL 0.9.8c 05 Sep 2006
> > 2007.10.08 05:56:28 LOG5[5355:47656983060560]: Threading:PTHREAD
> > SSL:ENGINE
> > Sockets:POLL,IPv6 Auth:LIBWRAP
> > 2007.10.08 05:56:28 LOG6[5355:47656983060560]: file ulimit = 1024
> > (can be
> > changed with 'ulimit -n')
> > 2007.10.08 05:56:28 LOG6[5355:47656983060560]: poll() used - no
> > FD_SETSIZE
> > limit
> > for file descriptors
> > 2007.10.08 05:56:28 LOG5[5355:47656983060560]: 500 clients allowed
> > 2007.10.08 05:56:28 LOG7[5355:47656983060560]: FD 4 in non-blocking
> > mode
> > 2007.10.08 05:56:28 LOG7[5355:47656983060560]: FD 5 in non-blocking
> > mode
> > 2007.10.08 05:56:28 LOG7[5355:47656983060560]: FD 6 in non-blocking
> > mode
> > 2007.10.08 05:56:28 LOG7[5355:47656983060560]: SO_REUSEADDR option
> > set on
> > accept
> > socket
> > 2007.10.08 05:56:28 LOG3[5355:47656983060560]: Error binding imaps to
> > 0.0.0.0:993
> > 2007.10.08 05:56:28 LOG3[5355:47656983060560]: bind: Address
> > already in use
> > (98)
> >
> >
> > I can't find where to begin.
> > I set SO_REUSEADDR and it didn't do anything different.
> > How do I test this stuff sanely?
> > _______________________________________________
> > stunnel-users mailing list
> > stunnel-users at mirt.net
> > http://stunnel.mirt.net/mailman/listinfo/stunnel-users
> >
> > _______________________________________________
> > stunnel-users mailing list
> > stunnel-users at mirt.net
> > http://stunnel.mirt.net/mailman/listinfo/stunnel-users




More information about the stunnel-users mailing list