[Xymon] Xymon 4.3.30 Released
Axel Beckert
abe at deuxchevaux.org
Tue Aug 18 17:15:55 CEST 2020
Hi,
On Sat, Aug 15, 2020 at 12:21:24AM -0400, Ralph M wrote:
> I think direct SSL wrapping is what I need, thanks.
>
> Would it be unreasonable to suggest that the SSL setup, decryption, etc be
> offloaded to a standalone program that then delivers the message to the
> core daemon in the same manner as cgimsg? I'd like to get Apache out of
> the loop, and just have an SSL-enabled message receiver funneling status
> messages to the core daemon.
That's easy: I use stunnel (Debian package "stunnel4") for that. Also
gives you instant IPv6 reachability for the Xymond.
Server setup (relevant snippet from my /etc/stunnel/stunnel.conf):
[bbs6]
accept = :::1983
connect = 1984
Since it's encrypted and has better privacy, I use port 1983 for that
with the mnemonic "before 1984". :-)
Client (relevant snippets from my /etc/stunnel/stunnel.conf and
/etc/default/xymon-client):
[bbs]
accept = 127.0.0.1:1984
connect = <your-xymon-server>:1983
client = yes
and
XYMONSERVERS="127.0.0.1"
The client snippets are from a host which has no IPv4 connectivity
(besides localhost).
Kind regards, Axel
--
PGP: 2FF9CD59612616B5 /~\ Plain Text Ribbon Campaign, http://arc.pasp.de/
Mail: abe at deuxchevaux.org \ / Say No to HTML in E-Mail and Usenet
Mail+Jabber: abe at noone.org X
https://axel.beckert.ch/ / \ I love long mails: https://email.is-not-s.ms/
More information about the Xymon
mailing list