
The stunnel configuration file needs at least the section name and the accept option. Let's say we want to have stunnel listen on our machine on port 9999 to support a fictitious protocol called foobar. First we would add the following line to /etc/services:

    foobar 9999/tcp # The foobar service

Daemon mode will not fork if you have stunnel compiled with threads. inetd mode requires forking, which causes additional overhead. SSL needs to be initialized for every connection. Note: Running in daemon mode is much preferred to running in inetd mode. If you have a line, then stunnel will fork into the background to do its job, and will not work with inetd. The /usr/local/etc/nf configuration file for inetd mode must not include a line. That is not the killall you are looking for.

Note: Some Unix variants have a killall command that kills all processes on the machine. You may be able to use killall -HUP inetd on some Unix versions (for example Linux, *BSD, IRIX) to save yourself from looking up the process id. Find the process id for the inetd process by one of the following commands:

    ps -ef | grep inetd

You must then send the inetd process a SIGHUP. (if you installed stunnel in a different location than /usr/local/bin, use that path instead) and add the following line to /etc/services:

    foobar 9999/tcp # The foobar service

We would add the following line to the file /etc/nf

    foobar stream tcp nowait root /usr/local/bin/stunnel stunnel

Let's say we want to have stunnel listen on our machine on port 9999 to support a fictitious protocol called foobar.


Inetd is the Unix 'super server' that allows you to launch a program (for example the telnet daemon) whenever a connection is established to a specified port. (This does not apply to Windows machines.)
This section gives you basic information on how to run the stunnel program in client and server mode.
