bbproxy over stunnel
- To: hobbit (at) hswn.dk
- Subject: bbproxy over stunnel
- From: "Darrin Khan" <medavian (at) gmail.com>
- Date: Mon, 24 Nov 2008 21:58:17 +1100
Hello All,
I have a problem getting stunnel and bbproxy to hobbitd to play nicely. I
am not sure if this has been covered before, however I have found a few bits
and pieces of information about hobbit and stunnel, but nothing like what I
have configured.
Here is the idea..
client -> bbproxy -> stunnel -> stunnel -> hobbitd
Client is a SQL server that can't see the world. bbproxy is running on a
server behind a firewall that the SQL server can reach. bbproxy is
configured to send data to 127.0.0.1:11984. stunnel is listening on
127.0.0.1:11984 this then forwards out through the firewall to another
server running stunnel listening on 11984 this in turn dumps traffic on the
remote server to port 1984 (hobbitd).
This config works great, all my messages are encrypted and I am getting all
the updates to hobbitd on the remote server no worries. Has been working
like this for a few weeks now.
The issue I have been trying to nut out is that the clients are not
receiving any config in the other direction, particularly the
log:/var/log/messages:10240 entries from client-local.cfg.
If I remove the stunnel(s) and tell the bbproxy to connect to the hobbitd
directly, the clients get the config data in the reverse direction and they
in turn send back the log data they are supposed to.
Has anyone been able to get this to work?
I suspect it may be my stunnel configs. They are below. Any help would be
greatly appreciated.
Darrin
----- bbproxy server -----
chroot = /var/run/stunnel/
setuid = nobody
setgid = nobody
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
debug = 5
output = /var/log/stunnel.log
foreground=no
[hobbit]
accept = 11984
connect = xx.xx.xxx.xxx:11984
TIMEOUTbusy = 5
TIMEOUTclose = 2
TIMEOUTconnect = 2
TIMEOUTidle = 5
----- hobbitd server -----
cert = /etc/pki/tls/certs/nms.ext.example.net.pem
chroot = /var/run/stunnel/
setuid = nobody
setgid = nobody
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
debug = 5
output = /var/log/stunnel.log
foreground=no
[hobbit]
accept = 11984
connect = 1984
TIMEOUTbusy = 5
TIMEOUTclose = 2
TIMEOUTconnect = 2
TIMEOUTidle = 5
--
Darrin Khan
medavian (at) gmail.com
"If you save the world too often, it begins to expect it..."
- Unknown
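
The symptom described in the message above (data reaches hobbitd, nothing comes back through the tunnel) can be reproduced and tested with a small probe; this is an added example, not part of the original post and not code from Hobbit or stunnel. It assumes, as a hypothesis the post does not confirm, that the client sends its message, half-closes the connection and then reads the reply on the same connection; `backend`, `relay` and `probe` are constructed stand-ins that run on loopback only.

```python
import socket, threading

REPLY = b"log:/var/log/messages:10240\n"   # the entry the post expects back

def read_to_eof(sock):
    """Collect bytes until the peer closes its sending side (or an error/timeout)."""
    data = b""
    try:
        while chunk := sock.recv(4096):
            data += chunk
    except OSError:
        pass
    return data

def serve_once(handler):
    """Accept one loopback connection on an ephemeral port; return that port."""
    srv = socket.create_server(("127.0.0.1", 0))
    def run():
        conn, _ = srv.accept()
        with conn, srv:
            try:
                handler(conn)
            except OSError:
                pass                      # peer already gone
    threading.Thread(target=run, daemon=True).start()
    return srv.getsockname()[1]

def backend(conn):
    """Constructed stand-in for the daemon: read the whole request, then reply."""
    read_to_eof(conn)
    conn.sendall(REPLY)

def relay(upstream_port, propagate_half_close):
    """Constructed store-and-forward tunnel in front of upstream_port."""
    def handler(conn):
        with socket.create_connection(("127.0.0.1", upstream_port)) as up:
            up.sendall(read_to_eof(conn))
            if propagate_half_close:
                up.shutdown(socket.SHUT_WR)       # pass the client's EOF along
                conn.sendall(read_to_eof(up))     # and carry the reply back
    return serve_once(handler)

def probe(host, port, request=b"client message (constructed)\n", timeout=3):
    """Send a request, half-close, and return whatever comes back."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(request)
        s.shutdown(socket.SHUT_WR)
        return read_to_eof(s)
```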