On Mon, May 11, 2020 at 02:55:35PM -0400, Christopher Schultz wrote: > Daniele, > > On 5/11/20 10:53, Daniele Basaldella wrote: > > Dear group, > > I've to configure a couple of tunneled connections (call them TC1 and > > TC2), client side, on a linux system. > > The target of both such connections is the same (destination ip and port > > are the same, call it DST). > > At source side (my server) I have a two IP addresses (call them IP1 and > > IP2) assigned and currently working to its unique NIC. I normally use > > iptables SNAT to split the traffic between IP1 and IP2 depending on > > destination addresses but in this case I've to distinguish it at > > application level (TC1 and TC2). > > I'd like to get TC1 to set the outgoing traffic with source address IP1 > > and TC2 to set outgoing traffic with source address IP2. > > > > Tunnel Tunnel > > Client Server > > > > TC1: IP1 --\ > > >--> DST > > TC2: IP2 --/ > > > > I'm thinking to set one entry in stunnel.conf for each TC1 and TC2 and > > use *transparent* = source clause to set the source address but it > > seems my case is not so common and I didn't find documentation. > > Please could you suggest a solution. > > If it's important for you to set the outgoing interface, then you should > use: > > local=IP1 > > in your config for the tunnel definition.
I believe Daniele's main point was the desire to avoid having two sections in the stunnel config, one with accept=IP1 and local=IP1 and one with IP2. Whether it can be done with transparent proxying is something I've never tried, so I don't feel qualified to answer. G'luck, Peter -- Peter Pentchev [email protected] [email protected] [email protected] PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint 2EE7 A7A5 17FC 124C F115 C354 651E EFB0 2527 DF13
signature.asc
Description: PGP signature
_______________________________________________ stunnel-users mailing list [email protected] https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
