From: "Tod Hansmann" <thansmann at directpointe.com>
Reply-To: hobbit at hswn.dk
To: <hobbit at hswn.dk>
Subject: RE: [hobbit] hobbit(bb) port 1984 encryption with stunnel
Date: Mon, 30 Apr 2007 09:06:49 -0600
For 1 & 2, I have some info.
- No, you can't have it use the same port to accept both kinds of traffic. That would break the rules of networking, so you have to have unencrypted traffic listening on a different port, OR have some really fancy iptables rules that I'd rather not think about in detail.
Agreed. I mean on one HB server, one port (1984) to accept plain incoming messages, and another, encrypted port (1999) to accept the encrypted messages sent out by the hb client.
- I'm not sure what you're referring to here, but if I have it correct, you want to redirect encrypted messages (after they've been unencrypted) to another port on the same server? That's easily doable with iptables rules, but that will be a learning curve. Stunnel may even have functionality built in to do this already anyway, so you may want to look at stunnel's documentation for that.
Yes, I am expecting stunnel to do the redirect work, not iptables.
- You probably want to check with the stunnel mailing list and/or documentation on this. I don't know anything about stunnel or its native capabilities. Sorry =c)
I did. Let's wait and see the response I get from the stunnel user list. It will be easy once I know it. ;)
tj
Hope that helps.
Tod Hansmann Network Engineer
-----Original Message-----
From: T.J. Yang [mailto:tj_yang at hotmail.com]
Sent: Sunday, April 29, 2007 6:07 AM
To: hobbit at hswn.dk
Subject: Re: [hobbit] hobbit(bb) port 1984 encryption with stunnel

From: Ulric Eriksson <ulric at siag.nu>
Reply-To: hobbit at hswn.dk
To: hobbit at hswn.dk
Subject: Re: [hobbit] hobbit(bb) port 1984 encryption with stunnel
Date: Sun, 29 Apr 2007 09:07:19 +0200 (CEST)
On Sat, 28 Apr 2007, T.J. Yang wrote:
Hi, I am starting to test out port 1984 encryption using the stunnel approach; see the following wiki notes.
http://en.wikibooks.org/wiki/System_Monitoring_with_Hobbit/Administration_Guide#Hobbit.28bb.29_port_1984_encryption
Has anyone done this already? Hoping someone already did this, so I can shorten my trial and error process.
FWIW, we have been using Big Brother clients with stunnel to monitor remote sites for years. It works perfectly. Since Hobbit also uses a simple, tcp based protocol, I see no reason why it shouldn't work as well.
Ulric,
I am new to stunnel and trying to get stunnel to work with hobbit client and server. A few questions here.
So basically I can configure a hobbit/bb server (using the same port) to accept either encrypted bb messages or plain ones, correct?
I can use tcp-wrapper so that only the hobbit server itself can connect to itself, to lock down the plain bb message connection from the public, correct?
- I got stunnel 4.20 compiled and configured, but the examples on stunnel.org are for an older version which accepts "-c" kind of options. I am having a problem actually redirecting the bb messages from a bb client using port 1999 to a remote hb server which accepts on 1999 (then redirects to local 1984).
I don't know what other steps I need to fill in at the following URL.
http://en.wikibooks.org/wiki/System_Monitoring_with_Hobbit/Administration_Guide#Configuring_hb_client_to_use_port_1999
Ulric
To unsubscribe from the hobbit list, send an e-mail to hobbit-unsubscribe at hswn.dk
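The port layout discussed in this thread, written as stunnel 4.x configuration files (4.x reads its settings from a file instead of command-line options such as "-c"). This is an added example, not part of the original messages or of the Hobbit or stunnel documentation; the host name hobbit.example.com, all file paths and the service name [hobbit] are assumptions.

```ini
; ===== File 1: stunnel.conf on the Hobbit server (path is an assumption) =====
; Accepts TLS connections on 1999, decrypts them, and hands the plain
; bb/hobbit messages to hobbitd listening on local port 1984.

; Server certificate and private key in one PEM file (constructed path).
cert = /etc/stunnel/hobbit-server.pem

[hobbit]
accept  = 1999
connect = 127.0.0.1:1984


; ===== File 2: stunnel.conf on each monitored client host =====
; Listens on the loopback address only, wraps plain messages in TLS,
; and sends them to port 1999 on the Hobbit server.

; Replaces the "-c" option of older stunnel versions.
client = yes

; Require a server certificate that chains to this CA; without "verify",
; the client encrypts but does not authenticate the server.
verify = 2
; Constructed path to the CA certificate that signed the server cert.
CAfile = /etc/stunnel/hobbit-ca.pem

[hobbit]
; Loopback only: nothing off-host can reach the plain side of the tunnel.
accept  = 127.0.0.1:1984
connect = hobbit.example.com:1999
```

With this layout the Hobbit client on each monitored host sends its reports to 127.0.0.1 port 1984 instead of to the server's address, and the server's plain port 1984 can then be restricted to local connections.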