stunnel & inetd

Discussion in 'General Server' started by adrhc, Jul 2, 2014.

  1. adrhc

    Hi, I'm trying to set up an inetd & stunnel configuration which would allow me to securely access the following sites:
    no-ssl ... : 9091 / transmission over ssl port 91
    no-ssl ... : 32400 / web / index.html over ssl port 324

    The configuration below works fine when only one (plex or transmission) item in inetd.conf is active. Anyway, I also learned that they do not create the stunnel.pid and stunnel.log files in the allocated folder (stunnel-transmission and plex-transmission respectively), which seems strange to me.

    When both items are active, then both secured URLs (192.168.1.31:91/transmission and 192.168.1.31:324/web/index.html) will work but will present the same site (plex or transmission) -> it seems to be the last site used when configuring inetd to use only one item.


    Before running the inetd daemon I'm running killall stunnel in order to be sure there's no trace of it left on the system.

    Why is this happening when using inetd with both items (plex and transmission)?

    inetd.conf:
    # [ssl plex]
    # ssl ... : 324 / web / index.html
    plex stream tcp nowait root /ffp/bin/stunnel /ffp/etc/stunnel/stunnel-plex.conf

    # [ssl transmission]
    # ssl ... : 91 / transmission
    transmission stream tcp nowait root /ffp/bin/stunnel /ffp/etc/stunnel/stunnel-transmission.conf

    services:
    ... -> other lines with other services + ports
    transmission 91/tcp
    plex 324/tcp

    stunnel-transmission.conf:
    chroot = /usr/local/zy-pkgs/ffproot/ffp/var/lib/stunnel-transmission/
    setuid = root
    setgid = nobody
    fips = no
    service = stunnel-transmission
    pid = stunnel.pid
    debug = 4
    output = stunnel.log
    cert = /etc/service_conf/CA.cer
    key = /etc/service_conf/CA_key.cer
    verify = 3
    CAfile = /usr/local/zy-pkgs/ffproot/home/root/.ssh/authorized_keys
    options = NO_SSLv2
    connect = 9091

    stunnel-plex.conf:
    chroot = /usr/local/zy-pkgs/ffproot/ffp/var/lib/stunnel-plex/
    setuid = root
    setgid = nobody
    fips = no
    service = stunnel-plex
    pid = stunnel.pid
    debug = 4
    output = stunnel.log
    cert = /etc/service_conf/CA.cer
    key = /etc/service_conf/CA_key.cer
    verify = 3
    CAfile = /usr/local/zy-pkgs/ffproot/home/root/.ssh/authorized_keys
    options = NO_SSLv2
    connect = 32400
