For 1 & 2, I have some info.
No, you can't have it use the same port to accept both kinds of traffic. That would break the rules of networking, so you have to have unencrypted traffic listening on a different port, OR have some really fancy iptables rules that I'd rather not think about in detail.
I'm not sure what you're referring to here, but if I have it correct, you want to redirect encrypted messages (after they've been unencrypted) to another port on the same server? That's easily doable with iptables rules, but that will be a learning curve. Stunnel may even have functionality built in to do this already anyway, so you may want to look at stunnel's documentation for that.
You probably want to check with the stunnel mailing list and/or documentation on this. I don't know anything about stunnel or its native capabilities. Sorry =c)
Hope that helps.
Tod Hansmann
Network Engineer

-----Original Message-----
From: T.J. Yang [mailto:tj_yang at hotmail.com]
Sent: Sunday, April 29, 2007 6:07 AM
To: hobbit at hswn.dk
Subject: Re: [hobbit] hobbit(bb) port 1984 encryption with stunnel

From: Ulric Eriksson <ulric at siag.nu>
Reply-To: hobbit at hswn.dk
To: hobbit at hswn.dk
Subject: Re: [hobbit] hobbit(bb) port 1984 encryption with stunnel
Date: Sun, 29 Apr 2007 09:07:19 +0200 (CEST)
On Sat, 28 Apr 2007, T.J. Yang wrote:
Hi,

I am starting to test out port 1984 encryption using the stunnel approach; see the following wiki notes.

http://en.wikibooks.org/wiki/System_Monitoring_with_Hobbit/Administration_Guide#Hobbit.28bb.29_port_1984_encryption

Has anyone done this already? Hoping someone already did this, so I can shorten my trial and error process.
FWIW, we have been using Big Brother clients with stunnel to monitor remote sites for years. It works perfectly. Since Hobbit also uses a simple, tcp based protocol, I see no reason why it shouldn't work as well.
Ulric,
I am new to stunnel and trying to get stunnel to work with hobbit client and server. A few questions here.
So basically I can configure a hobbit/bb server (using the same port) to accept either encrypted bb messages or plain ones, correct?

I can use tcp-wrapper to restrict it so that only the hobbit server itself can connect to itself, to lock down the plain bb message connection from the public, correct?

- I got stunnel 4.20 compiled and configured, but the examples on stunnel.org are for an older version which accepts "-c" kind of options. I am having a problem really redirecting the bb message from a bb client using port 1999 to a remote hb server which is accepting 1999 (then redirecting to local 1984).

I don't know what other steps I need to fill in at the following URL.

http://en.wikibooks.org/wiki/System_Monitoring_with_Hobbit/Administration_Guide#Configuring_hb_client_to_use_port_1999
Ulric
To unsubscribe from the hobbit list, send an e-mail to hobbit-unsubscribe at hswn.dk
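The port layout asked about in this thread (encrypted traffic arrives on 1999 and is forwarded to the Hobbit daemon on local 1984), written as stunnel 4.x configuration files, where the old "-c" command-line flag becomes `client = yes`. This is an added example, not taken from the thread or from the wiki page; the host name, file paths and the client's local listening address are assumptions.

```ini
; ---------------------------------------------------------------
; Server side: stunnel.conf on the Hobbit server (assumed paths)
; ---------------------------------------------------------------
; Server certificate and private key (assumed locations)
cert = /etc/stunnel/hobbit-server.pem
key  = /etc/stunnel/hobbit-server.key

; Require and verify a client certificate signed by this CA,
; so only known monitored hosts can submit status messages
verify = 2
CAfile = /etc/stunnel/hobbit-ca.pem

[hobbit]
; Encrypted connections from remote clients arrive here
accept  = 1999
; Decrypted traffic is handed to the Hobbit daemon on loopback
connect = 127.0.0.1:1984

; ---------------------------------------------------------------
; Client side: stunnel.conf on each monitored host (assumed paths)
; ---------------------------------------------------------------
; "client = yes" replaces the -c option of stunnel 3.x
client = yes

; Client certificate presented to the server (assumed locations)
cert = /etc/stunnel/hobbit-client.pem
key  = /etc/stunnel/hobbit-client.key

; Verify the server certificate against the same CA
verify = 2
CAfile = /etc/stunnel/hobbit-ca.pem

[hobbit]
; The local Hobbit client sends its plain messages to loopback
accept  = 127.0.0.1:1984
; stunnel encrypts and forwards them to the server (placeholder host)
connect = hobbit.example.com:1999
```

With this layout the Hobbit client on each monitored host is pointed at 127.0.0.1 instead of the server's address, and the two files live on different machines.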