I am trying to setup stunnel to encrypt traffic from rsyslog (using the relp protocol), but whenever I try starting stunnel and sending logs to the remote server, i get the following:
Remote socket (FD=13) closed
Feb 15 01:25:55 ruby stunnel: LOG7[26750:140598316271360]: Local socket (FD=3) closed
Feb 15 01:25:55 ruby stunnel: LOG7[26750:140598316271360]: Service [ssyslog] finished (0 left)
Feb 15 01:25:55 ruby stunnel: LOG7[26750:140598316320512]: Service [ssyslog] accepted (FD=3) from 127.0.0.1:42481
Feb 15 01:25:55 ruby stunnel: LOG7[26750:140598316271360]: Service [ssyslog] started
Feb 15 01:25:55 ruby stunnel: LOG7[26750:140598316271360]: Waiting for a libwrap process
Feb 15 01:25:55 ruby stunnel: LOG7[26750:140598316271360]: Acquired libwrap process #0
Feb 15 01:25:55 ruby stunnel: LOG7[26750:140598316271360]: Releasing libwrap process #0
Feb 15 01:25:55 ruby stunnel: LOG7[26750:140598316271360]: Released libwrap process #0
Feb 15 01:25:55 ruby stunnel: LOG7[26750:140598316271360]: Service [ssyslog] permitted by libwrap from 127.0.0.1:42481
Feb 15 01:25:55 ruby stunnel: LOG5[26750:140598316271360]: Service [ssyslog] accepted connection from 127.0.0.1:42481
Feb 15 01:25:55 ruby stunnel: LOG6[26750:140598316271360]: connect_blocking: connecting 98.235.203.58:60514
Feb 15 01:25:55 ruby stunnel: LOG7[26750:140598316271360]: connect_blocking: s_poll_wait 98.235.203.58:60514: waiting 10 seconds
Feb 15 01:25:55 ruby stunnel: LOG5[26750:140598316271360]: connect_blocking: connected 98.235.203.58:60514
Feb 15 01:25:55 ruby stunnel: LOG5[26750:140598316271360]: Service [ssyslog] connected remote server from 78.46.65.138:43235
Feb 15 01:25:55 ruby stunnel: LOG7[26750:140598316271360]: Remote socket (FD=13) initialized
Feb 15 01:25:55 ruby stunnel: LOG7[26750:140598316271360]: SNI: host name: xx.xx.xx.xx
Feb 15 01:25:55 ruby stunnel: LOG3[26750:140598316271360]: SSL_connect: Peer suddenly disconnected
Feb 15 01:25:55 ruby stunnel: LOG5[26750:140598316271360]: Connection reset: 0 byte(s) sent to SSL, 0 byte(s) sent to socket
over and over again in rapid succession, would anyone know how I could figure out what is causing this to happen? I've been trying to figure this out for the last few hours, but have not clue what to do at this points
ok, after much cussing and fruitless searching on google, I was able to find out what it was. Not sure if I was just being an idiot, or if this is something that is normal, but the remote server was listening on a port (say for 60000 for instance) but for some reason, even when I had told the client to connect to 60000, it kept trying to connect to 60001 instead, so I simply had to tell the client to connect to port 59999 and it worked perfectly :)
EDIT:Not applicable here, but if you stumble on this thread while trying to debug a similar issue for http/https: Ensure that you put in https and not http in the browser/client. Stunnel does not do a automatic redirect to https when someone goes to http