Ayrıca stunnel.conf parametreleri de şu şekilde:
; Sample stunnel configuration file by Michal Trojnara 2002-2006
; Some options used here may not be adequate for your particular
configuration
; Please make sure you understand them (especially the effect of chroot
jail)
; Certificate/key is needed in server mode and optional in client mode
cert = /usr/local/etc/stunnel/stunnel.pem
;key = /usr/local/etc/stunnel/mail.pem
; Protocol version (all, SSLv2, SSLv3, TLSv1)
sslVersion = SSLv3
; Some security enhancements for UNIX systems - comment them out on Win32
chroot = /usr/local/var/stunnel
setuid = stunnel
setgid = nogroup
; PID is created inside chroot jail
pid = /stunnel.pid
; Some performance tunings
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
;compression = rle
; Workaround for Eudora bug
;options = DONT_INSERT_EMPTY_FRAGMENTS
; Authentication stuff
;verify = 2
; Don't forget to c_rehash CApath
; CApath is located inside chroot jail
;CApath = /certs
; It's often easier to use CAfile
;CAfile = /usr/local/etc/stunnel/certs.pem
; Don't forget to c_rehash CRLpath
; CRLpath is located inside chroot jail
;CRLpath = /crls
; Alternatively you can use CRLfile
;CRLfile = /usr/local/etc/stunnel/crls.pem
; Some debugging stuff useful for troubleshooting
;debug = 7
;output = stunnel.log
; Use it for client mode
;client = yes
; Service-level configuration
[pop3s]
accept = 995
connect = 110
[imaps]
accept = 993
connect = 143
[ssmtp]
accept = 465
connect = 25
;[https]
;accept = 443
;connect = 80
;TIMEOUTclose = 0
-----Original Message-----
From: Cahit Güçlü [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 28, 2007 10:49 PM
To: 'Ismail YENIGUL'
Subject: RE: Re[2]: [FreeBSD] stunnel hata
/var/log/messages:
Feb 28 20:45:11 server stunnel: LOG5[423:134743040]: pop3s accepted
connection from 192.168.2.4:1198
Feb 28 20:45:11 server stunnel: LOG3[423:134743040]: SSL_accept: 1408F10B:
error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
Feb 28 20:45:11 server stunnel: LOG5[423:134743040]: Connection reset: 0
bytes sent to SSL, 0 bytes sent to socket
Feb 28 20:45:11 server stunnel: LOG5[423:134743552]: pop3s accepted
connection from 192.168.2.4:1199
Feb 28 20:45:11 server stunnel: LOG3[423:134743552]: SSL_accept: Peer
suddenly disconnected
Feb 28 20:45:11 server stunnel: LOG5[423:134743552]: Connection reset: 0
bytes sent to SSL, 0 bytes sent to socket
/var/log/maillog da bununla ilgili kayıt yok. Stunnel.pem dosyasini stunnel
ports dizininde make cert komutuyla oluşturdum.
-----Original Message-----
From: Ismail YENIGUL [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 28, 2007 10:12 PM
To: Cahit Güçlü
Cc: [email protected]
Subject: Re[2]: [FreeBSD] stunnel hata
Merhabalar,
Sanirim stunnel ayarlari ile ilgili bir sorun var.
/var/log/messages veya /var/log/maillog dosyasinda stunnel ile ilgili
herhangi bir hata var mi?
Wednesday, February 28, 2007, 8:48:01 PM, you wrote:
Stunnel.sh status ile baktığımda stunnel çalışmıyor diyordu. Ama ps ile ve
sockstat ile baktığımda stunnel çalışıyor görünüyor. Ama ssl ile sunucuya
bağlanamıyorum. Bağlantı sunucu tarafından kesildi mesajı alıyorum. telnet
ile bağlandığımda da connection closed foreign host diyor ve bağlantı
kopuyor. Sockstat çıktısı şu şekilde:
USER COMMAND PID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS
stunnel stunnel 423 6 tcp4 *:995 *:*
stunnel stunnel 423 7 tcp4 *:993 *:*
stunnel stunnel 423 8 tcp4 *:465 *:*
stunnel stunnel 423 9 tcp4 *:443 *:*
-----Original Message-----
From: "N. Ersen ŞİŞECİ" [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 28, 2007 8:54 AM
To: [email protected]
Subject: Re: [FreeBSD] stunnel hata
Merhaba Cahit Bey,
"Address already in use" hatasini, o socket i daha onceden baska bir
program kullanmaya
basladigindan (bind) dolayi verir.
sockstat -4l (kucuk harf L)
komutu ile 995 inci portu hangi programin dinledigini gorup o programa
ihtiyaciniz
yoksa kapatip, stunnel i tekrar baslatirsaniz probleminiz cozulecektir.
Iyi calismalar dilerim.
Necati Ersen SISECI
EnderUnix Core Team Member
EnderUnix SDT ~ Turkey
http://www.enderunix.org
Cahit Güçlü yazmış:
Stunnel çalıştırmaya çalıştığımda çalışmıyor (amma cümle oldu ha J)
Feb 28 00:50:26 server stunnel: LOG5[3100:134651904]:
Threading:PTHREAD SSL:ENGINE Sockets:POLL,IPv4 Auth:LIBWRAP
Feb 28 00:50:26 server stunnel: LOG5[3100:134651904]: 791 clients allowed
Feb 28 00:50:26 server stunnel: LOG3[3100:134651904]: Error binding
pop3s to 0.0.0.0:995
Feb 28 00:50:26 server stunnel: LOG3[3100:134651904]: bind: Address
already in use (48)
Şeklinde loglar düşüyor. Bu hatayı nasıl düzeltebilirim?
---------------------------------------------------------------------
Listeye soru sormadan once lutfen http://ipucu.enderunix.org sitesine
bakiniz.
Cikmak icin, e-mail: [EMAIL PROTECTED]
Liste arsivi: http://lists.enderunix.org
Turkiye'nin ilk FreeBSD kitabi:
http://www.acikakademi.com/catalog/freebsd
---------------------------------------------------------------------
Listeye soru sormadan once lutfen http://ipucu.enderunix.org sitesine
bakiniz.
Cikmak icin, e-mail: [EMAIL PROTECTED]
Liste arsivi: http://lists.enderunix.org
Turkiye'nin ilk FreeBSD kitabi:
http://www.acikakademi.com/catalog/freebsd
--
Ismail YENIGUL
EnderUNIX Cekirdek Takimi Uyesi
Acik Akademi Yayinlari Editoru
[EMAIL PROTECTED]
http://www.enderunix.org
Yayinevi Sanal Magaza: http://dukkan.acikakademi.com
endersys: http://www.endersys.com
---------------------------------------------------------------------
Listeye soru sormadan once lutfen http://ipucu.enderunix.org sitesine bakiniz.
Cikmak icin, e-mail: [EMAIL PROTECTED]
Liste arsivi: http://lists.enderunix.org
Turkiye'nin ilk FreeBSD kitabi: http://www.acikakademi.com/catalog/freebsd
