Re: stunnel: warning: can't get client address: Bad file descriptor

2008-06-09 Thread Adamsonh

Hi, stunnel 4.25 does not kill all stunnel instances after issuing "stop";
you have to kill all old stunnel jobs before restarting it.


noahwallach wrote:
> 
> Just upgraded stunnel and getting the following error message in the
> /var/log/messages file.  It appears that when I restart stunnel it 
> complains "Error binding pop3s to 0.0.0.0:995 and bind: Address already 
> in use (48)".  Therefore the 995 port never becomes available during the 
> restart.  Why is that happening?  See the stunnel logs below.
> 
> any clues?
> 
>  snip ---
> 
> Jun  8 13:17:04  stunnel: warning: can't get client address: Bad file descriptor
> Jun  8 13:17:34  last message repeated 530400 times
> Jun  8 13:18:00  last message repeated 488687 times
> 
>  snip ---
> 
> 
>  here is the stunnel.log -
> 
> n# tail -n 50 -f /var/log/stunnel.log
> Jun  8 00:00:00 typhoon newsyslog[72831]: logfile turned over
> 2008.06.08 04:05:41 LOG7[21238:134664192]: Snagged 64 random bytes from 
> /root/.rnd
> 2008.06.08 04:05:41 LOG7[21238:134664192]: Wrote 1024 new random bytes 
> to /root/.rnd
> 2008.06.08 04:05:41 LOG7[21238:134664192]: RAND_status claims sufficient 
> entropy for the PRNG
> 2008.06.08 04:05:41 LOG7[21238:134664192]: PRNG seeded successfully
> 2008.06.08 04:05:41 LOG7[21238:134664192]: Certificate: 
> /usr/local/etc/stunnel/mail.pem
> 2008.06.08 04:05:41 LOG7[21238:134664192]: Certificate loaded
> 2008.06.08 04:05:41 LOG7[21238:134664192]: Key file: 
> /usr/local/etc/stunnel/mail.pem
> 2008.06.08 04:05:41 LOG7[21238:134664192]: Private key loaded
> 2008.06.08 04:05:41 LOG7[21238:134664192]: SSL context initialized for 
> service pop3s
> 2008.06.08 04:05:41 LOG5[21238:134664192]: stunnel 4.25 on 
> i386-unknown-freebsd6.2 with OpenSSL 0.9.8h 28 May 2008
> 2008.06.08 04:05:41 LOG5[21238:134664192]: Threading:PTHREAD SSL:ENGINE 
> Sockets:POLL,IPv6 Auth:LIBWRAP
> 2008.06.08 04:05:41 LOG6[21238:134664192]: file ulimit = 11095 (can be 
> changed with 'ulimit -n')
> 2008.06.08 04:05:41 LOG6[21238:134664192]: poll() used - no FD_SETSIZE 
> limit for file descriptors
> 2008.06.08 04:05:41 LOG5[21238:134664192]: 5417 clients allowed
> 2008.06.08 04:05:41 LOG7[21238:134664192]: FD 5 in non-blocking mode
> 2008.06.08 04:05:41 LOG7[21238:134664192]: FD 6 in non-blocking mode
> 2008.06.08 04:05:41 LOG7[21238:134664192]: FD 7 in non-blocking mode
> 2008.06.08 04:05:41 LOG7[21238:134664192]: SO_REUSEADDR option set on 
> accept socket
> 2008.06.08 04:05:41 LOG3[21238:134664192]: Error binding pop3s to 
> 0.0.0.0:995
> 2008.06.08 04:05:41 LOG3[21238:134664192]: bind: Address already in use (48)
> 
> 
> --- configuration ---
> 
> # cat /usr/local/etc/stunnel/stunnel.conf
> # Sample stunnel configuration file
> # Copyright by Michal Trojnara 2002
> 
> # Comment it out on Win32
> cert = /usr/local/etc/stunnel/mail.pem
> chroot = /var/run/stunnel
> #chroot = /var/run
> # PID is created inside chroot jail
> pid = /stunnel.pid
> setuid = stunnel
> setgid = stunnel
> # grep stunnel /etc/rc.conf
> stunnel_enable="YES"
> # cat /usr/local/etc/rc.d/stunnel
> #!/bin/sh
> #
> # $FreeBSD: ports/security/stunnel/files/stunnel.in,v 1.9 2008/01/26 14:18:12 roam Exp $
> #
> 
> # PROVIDE: stunnel
> # REQUIRE: NETWORKING SERVERS
> # BEFORE: DAEMON
> # KEYWORD: shutdown
> 
> #
> # Add some of the following variables to /etc/rc.conf to configure stunnel:
> # stunnel_enable (bool):Set to "NO" by default.
> #   Set it to "YES" to enable stunnel.
> # stunnel_config (str): Default "/usr/local/etc/stunnel/stunnel.conf"
> #   Set it to the full path to the config file
> #   that stunnel will use during the automated
> #   start-up.
> # stunnel_pidfile (str):Default "/usr/local/var/stunnel/stunnel.pid"
> #   Set it to the value of 'pid' in
> #   the stunnel.conf file.
> #
> 
> . /etc/rc.subr
> 
> name="stunnel"
> rcvar=`set_rcvar`
> 
> load_rc_config $name
> 
> : ${stunnel_enable="NO"}
> : ${stunnel_config="/usr/local/etc/stunnel/${name}.conf"}
> : ${stunnel_pidfile="/var/run/stunnel/${name}.pid"}
> 
> command="/usr/local/bin/stunnel"
> command_args=${stunnel_config}
> pidfile=${stunnel_pidfile}
> 
> required_files="${stunnel_config}"
> 
> run_rc_command "$1"
> 
> 
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "[EMAIL PROTECTED]"
> 
> 

-- 
View this message in context: 
http://www.nabble.com/stunnel%3A-warning%3A-can%27t-get-client-address%3A-Bad-file-descriptor-tp17722812p17728956.html
Sent from the freebsd-questions mailing list archive at Nabble.com.


Re: Setting up a VPN

2008-06-09 Thread Adamsonh

try sslexplorer, http://n3ncy.com/UNIX/FreeBSD/SSLExplorer.htm


Schiz0 wrote:
> 
> Hey,
> 
> I'm looking for information on how to set up a Virtual Private Network
> on a FreeBSD 7.0-RELEASE system. The only VPN that I've worked with
> previously is Hamachi on Windows and Linux, so I have no experience in
> OpenVPN or IPSec.
> 
> The purpose of this VPN is to restrict certain things to only
> administrators. For example, phpmyadmin and vsFTPd. I'd prefer not to
> have these things listen on the public interface.
> 
> I read the Handbook entry on IPSec/VPNs:
> http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ipsec.html
> 
> However, that entry only has examples for how to connect one network
> to another network via FreeBSD gateways. I don't want a setup like
> this; I just want the freebsd system, my windows XP system, and a few
> other windows XP systems to be on a VPN together.
> 
> Can anyone link me to how-tos or any references on how to do this?
> Also, any suggestions on which software to use (OpenVPN, IPSec, etc)
> would be appreciated.
> 
> Thanks.
> 
> 

-- 
View this message in context: 
http://www.nabble.com/Setting-up-a-VPN-tp17631631p17728870.html
Sent from the freebsd-questions mailing list archive at Nabble.com.



Re: stunnel not running? (check /var/run/stunnel/stunnel.pid)

2008-06-09 Thread Adamsonh



noahwallach wrote:
> 
> Okay, I am not understanding something with stunnel. It appears that 
> stunnel can't start because it can't create a pid file.  It happens every 
> time I upgrade it.
> 
> # /usr/local/etc/rc.d/stunnel restart
> stunnel not running? (check /var/run/stunnel/stunnel.pid).
> Starting stunnel.
> # /usr/local/etc/rc.d/stunnel restart
> stunnel not running? (check /var/run/stunnel/stunnel.pid).
> Starting stunnel.
> #
> 
> Anybody help me understand things here.  So here is the relevant output, 
> which can provide some clues.
> 
> 
> # ls -ld /var/run/stunnel/
> drwxrwxr-x  2 stunnel  stunnel  512 Jun  5 14:28 /var/run/stunnel/
> # cat /usr/local/etc/stunnel/stunnel.conf
> # Sample stunnel configuration file
> # Copyright by Michal Trojnara 2002
> 
> # Comment it out on Win32
> cert = /usr/local/etc/stunnel/mail.pem
> chroot = /var/run/stunnel
> #chroot = /var/run
> # PID is created inside chroot jail
> pid = /stunnel.pid
> setuid = stunnel
> setgid = stunnel
> # grep stunnel /etc/rc.conf
> stunnel_enable="YES"
> # cat /usr/local/etc/rc.d/stunnel
> #!/bin/sh
> #
> # $FreeBSD: ports/security/stunnel/files/stunnel.in,v 1.9 2008/01/26 14:18:12 roam Exp $
> #
> 
> # PROVIDE: stunnel
> # REQUIRE: NETWORKING SERVERS
> # BEFORE: DAEMON
> # KEYWORD: shutdown
> 
> #
> # Add some of the following variables to /etc/rc.conf to configure stunnel:
> # stunnel_enable (bool):Set to "NO" by default.
> #   Set it to "YES" to enable stunnel.
> # stunnel_config (str): Default "/usr/local/etc/stunnel/stunnel.conf"
> #   Set it to the full path to the config file
> #   that stunnel will use during the automated
> #   start-up.
> # stunnel_pidfile (str):Default "/usr/local/var/stunnel/stunnel.pid"
> #   Set it to the value of 'pid' in
> #   the stunnel.conf file.
> #
> 
> . /etc/rc.subr
> 
> name="stunnel"
> rcvar=`set_rcvar`
> 
> load_rc_config $name
> 
> : ${stunnel_enable="NO"}
> : ${stunnel_config="/usr/local/etc/stunnel/${name}.conf"}
> : ${stunnel_pidfile="/var/run/stunnel/${name}.pid"}
> 
> command="/usr/local/bin/stunnel"
> command_args=${stunnel_config}
> pidfile=${stunnel_pidfile}
> 
> required_files="${stunnel_config}"
> 
> run_rc_command "$1"
> 
> 
> 
> --
> 
> any ideas?
> 
> Cheers,
> 
> Noah
> 
> 
> 
> 

ps auxw |grep stunnel
sockstat -4 |grep stunnel
clear anything stunnel before restart.

-- 
View this message in context: 
http://www.nabble.com/stunnel-not-running--%28check--var-run-stunnel-stunnel.pid%29-tp17704688p17728757.html
Sent from the freebsd-questions mailing list archive at Nabble.com.
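
The two stunnel threads above turn on where stunnel writes its PID file when `chroot` is set, and on whether that file still points at a live process before a restart. The script below checks both; it is an added example, not code from the posters or the FreeBSD port. The helper names (`conf_value`, `effective_pidfile`, `pid_state`, `pidfile_matches`, `sample_conf`) are hypothetical, and the sample config is constructed from the settings quoted in the thread.

```shell
#!/bin/sh
# Added example, not from the thread. Run as root on a real host so that
# kill -0 can probe processes owned by the stunnel user.

# conf_value FILE KEY: last uncommented "KEY = value" setting in FILE.
conf_value() {
    sed -n "/^[[:space:]]*$2[[:space:]]*=/{s/^[^=]*=[[:space:]]*//;s/[[:space:]]*\$//;p;}" "$1" | tail -n 1
}

# effective_pidfile FILE: host-side PID file path. The sample config's own
# comment says the PID file is created inside the chroot jail, so the host
# path is the chroot directory followed by the pid setting.
effective_pidfile() {
    _root=$(conf_value "$1" chroot)
    _pid=$(conf_value "$1" pid)
    [ -n "$_pid" ] || return 1
    printf '%s%s\n' "${_root%/}" "$_pid"
}

# pid_state FILE: missing | stale (no live process) | running.
pid_state() {
    [ -r "$1" ] || { echo missing; return 0; }
    _p=$(head -n 1 "$1" | tr -cd '0-9')
    if [ -n "$_p" ] && kill -0 "$_p" 2>/dev/null; then
        echo running
    else
        echo stale
    fi
}

# pidfile_matches CONF RC_PIDFILE: succeed only if rc.d tracks the same file.
pidfile_matches() {
    [ "$(effective_pidfile "$1")" = "$2" ]
}

# Constructed sample mirroring the settings quoted in the thread.
sample_conf() {
    printf '%s\n' 'chroot = /var/run/stunnel' '#chroot = /var/run' \
        '# PID is created inside chroot jail' 'pid = /stunnel.pid'
}

# Demo on the constructed sample.
demo_conf=$(mktemp)
sample_conf > "$demo_conf"
echo "stunnel writes: $(effective_pidfile "$demo_conf")"
echo "state: $(pid_state "$(effective_pidfile "$demo_conf")")"
rm -f "$demo_conf"
```

If the state is `missing` or `stale` while `ps auxw | grep stunnel` still lists processes, those are leftover instances that the rc script can no longer track, and they keep port 995 bound.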
