[stunnel-users] need to restart stunnel if stunnel starts before network?
Zhang Weiwu
zhangweiwu at realss.com
Sat Jan 23 03:14:16 CET 2010
Michal Trojnara 写道:
>
> I'm not sure what your configuration is, but for a road-warrior
> configuration you usually only need to listen on loopback (localhost)
> interface. This interface should be available regardless of any WLAN
> issues.
>
In fact the phenomenon I described is when stunnel listen only on
localhost. I can verify this by the following:
almustafa at Orphalese:~$ netstat -tl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 localhost:dict *:* LISTEN
tcp 0 0 *:46761 *:* LISTEN
tcp 0 0 *:sunrpc *:* LISTEN
tcp 0 0 *:ssh *:* LISTEN
tcp 0 0 localhost:ipp *:* LISTEN
tcp 0 0 localhost:smtp *:* LISTEN
tcp6 0 0 [::]:ssh [::]:* LISTEN
tcp6 0 0 localhost:ipp [::]:* LISTEN
tcp6 0 0 localhost:3128 [::]:* LISTEN
Note the last line is stunnel.
> Your configuration file and error messages would help us to provide a more
> detailed diagnosis.
Here is my full configuration
$ grep -v '^;' /etc/stunnel/stunnel.conf | grep '^.\+$'
sslVersion = SSLv3
chroot = /var/lib/stunnel4/
setuid = stunnel4
setgid = stunnel4
pid = /stunnel4.pid
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
client = yes
[https]
accept = localhost:3128
connect = remote-proxy-server-wrapped-by-stunnel:8081
TIMEOUTclose = 0
Most of the settings there are default settings by debian, what I changed limits to the [https] section.
Thanks in advance!
More information about the stunnel-users
mailing list