stunnel после ./stunnel restart падает

Настройка сетевых служб, маршрутизации, фаерволлов. Проблемы с сетевым оборудованием.
Правила форума
Убедительная просьба юзать теги [code] при оформлении листингов.
Сообщения не оформленные должным образом имеют все шансы быть незамеченными.
Аватара пользователя
Cancer
Гл. Кастратор
Сообщения: 1269
Зарегистрирован: 2008-03-25 12:21:36
Откуда: г. Ростов-на-Дону
Контактная информация:

stunnel после ./stunnel restart падает

Непрочитанное сообщение Cancer » 2008-11-15 9:34:28

Доброго времени суток!

Поставил stunnel по статье http://www.lissyara.su/?id=1576

Код: Выделить всё

pkg_info | grep stunnel
stunnel-4.25        SSL encryption wrapper for standard network daemons
но вот такая трабла..
Если перезагружаю тачку то работает он нормально, но стоит мне перезагрузить сам stunnel то вот

Код: Выделить всё

//>/usr/local/etc/rc.d/stunnel restart
stunnel not running? (check /var/tmp/stunnel/stunnel.pid).
Starting stunnel.

Код: Выделить всё

//>cat /etc/rc.conf | grep stunnel
stunnel_enable="YES"
stunnel_pidfile="/var/tmp/stunnel/stunnel.pid"
//>

и так и не работает, до перезагрузки сервака

но вот что самое интересное

Код: Выделить всё

//>ps -ax | grep stunnel
  577  ??  I      0:00,00 /usr/local/bin/stunnel /usr/local/etc/stunnel/stunnel.conf
  578  ??  I      0:00,00 /usr/local/bin/stunnel /usr/local/etc/stunnel/stunnel.conf
  579  ??  I      0:00,00 /usr/local/bin/stunnel /usr/local/etc/stunnel/stunnel.conf
  580  ??  I      0:00,00 /usr/local/bin/stunnel /usr/local/etc/stunnel/stunnel.conf
  581  ??  R      8:08,35 /usr/local/bin/stunnel /usr/local/etc/stunnel/stunnel.conf
 1198  p0  R+     0:00,00 grep stunnel
//>

Код: Выделить всё

//>sockstat -4 | grep stunnel
stunnel  stunnel    581   7  tcp4   *:995                 *:*
stunnel  stunnel    581   8  tcp4   *:465                 *:*
stunnel  stunnel    580   7  tcp4   *:995                 *:*
stunnel  stunnel    580   8  tcp4   *:465                 *:*
stunnel  stunnel    579   7  tcp4   *:995                 *:*
stunnel  stunnel    579   8  tcp4   *:465                 *:*
stunnel  stunnel    578   7  tcp4   *:995                 *:*
stunnel  stunnel    578   8  tcp4   *:465                 *:*
stunnel  stunnel    577   7  tcp4   *:995                 *:*
stunnel  stunnel    577   8  tcp4   *:465                 *:*
//>
Конфиг stunnel

Код: Выделить всё

; Sample stunnel configuration file by Michal Trojnara 2002-2006
; Some options used here may not be adequate for your particular configuration
; Please make sure you understand them (especially the effect of chroot jail)

; Certificate/key is needed in server mode and optional in client mode
cert = /usr/local/etc/stunnel/stunnel.pem
;key = /usr/local/etc/stunnel/mail.pem

; Protocol version (all, SSLv2, SSLv3, TLSv1)
sslVersion = all

; Some security enhancements for UNIX systems - comment them out on Win32
chroot = /var/tmp/stunnel
setuid = stunnel
setgid = nogroup
; PID is created inside chroot jail
pid = /stunnel.pid

; Some performance tunings
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
;compression = rle

; Workaround for Eudora bug
;options = DONT_INSERT_EMPTY_FRAGMENTS

; Authentication stuff
;verify = 2
; Don't forget to c_rehash CApath
; CApath is located inside chroot jail
;CApath = /certs
; It's often easier to use CAfile
;CAfile = /usr/local/etc/stunnel/certs.pem
; Don't forget to c_rehash CRLpath
; CRLpath is located inside chroot jail
;CRLpath = /crls
; Alternatively you can use CRLfile
;CRLfile = /usr/local/etc/stunnel/crls.pem

; Some debugging stuff useful for troubleshooting
debug = 7
output = stunnel.log

; Use it for client mode
;client = yes

; Service-level configuration

[pop3s]
accept  = 995
connect = 110

;[imaps]
;accept  = 993
;connect = 143

[ssmtp]
accept  = 465
connect = 25

;[https]
;accept  = 443
;connect = 80
;TIMEOUTclose = 0

; vim:ft=dosini
лог

Код: Выделить всё

2008.11.15 09:09:18 LOG7[977:134656000]: Snagged 64 random bytes from /root/.rnd
2008.11.15 09:09:18 LOG7[977:134656000]: Wrote 1024 new random bytes to /root/.rnd
2008.11.15 09:09:18 LOG7[977:134656000]: RAND_status claims sufficient entropy for the PRNG
2008.11.15 09:09:18 LOG7[977:134656000]: PRNG seeded successfully
2008.11.15 09:09:18 LOG7[977:134656000]: Certificate: /usr/local/etc/stunnel/stunnel.pem
2008.11.15 09:09:18 LOG7[977:134656000]: Certificate loaded
2008.11.15 09:09:18 LOG7[977:134656000]: Key file: /usr/local/etc/stunnel/stunnel.pem
2008.11.15 09:09:18 LOG7[977:134656000]: Private key loaded
2008.11.15 09:09:18 LOG7[977:134656000]: SSL context initialized for service pop3s
2008.11.15 09:09:18 LOG7[977:134656000]: Certificate: /usr/local/etc/stunnel/stunnel.pem
2008.11.15 09:09:18 LOG7[977:134656000]: Certificate loaded
2008.11.15 09:09:18 LOG7[977:134656000]: Key file: /usr/local/etc/stunnel/stunnel.pem
2008.11.15 09:09:18 LOG7[977:134656000]: Private key loaded
2008.11.15 09:09:18 LOG7[977:134656000]: SSL context initialized for service imaps
2008.11.15 09:09:18 LOG7[977:134656000]: Certificate: /usr/local/etc/stunnel/stunnel.pem
2008.11.15 09:09:18 LOG7[977:134656000]: Certificate loaded
2008.11.15 09:09:18 LOG7[977:134656000]: Key file: /usr/local/etc/stunnel/stunnel.pem
2008.11.15 09:09:18 LOG7[977:134656000]: Private key loaded
2008.11.15 09:09:18 LOG7[977:134656000]: SSL context initialized for service ssmtp
2008.11.15 09:09:18 LOG5[977:134656000]: stunnel 4.25 on i386-portbld-freebsd6.2 with OpenSSL 0.9.8d 28 Sep 2006
2008.11.15 09:09:18 LOG5[977:134656000]: Threading:PTHREAD SSL:ENGINE Sockets:POLL,IPv6 Auth:LIBWRAP
2008.11.15 09:09:18 LOG6[977:134656000]: file ulimit = 3578 (can be changed with 'ulimit -n')
2008.11.15 09:09:18 LOG6[977:134656000]: poll() used - no FD_SETSIZE limit for file descriptors
2008.11.15 09:09:18 LOG5[977:134656000]: 1747 clients allowed
2008.11.15 09:09:18 LOG7[977:134656000]: FD 5 in non-blocking mode
2008.11.15 09:09:18 LOG7[977:134656000]: FD 6 in non-blocking mode
2008.11.15 09:09:18 LOG7[977:134656000]: FD 7 in non-blocking mode
2008.11.15 09:09:18 LOG7[977:134656000]: SO_REUSEADDR option set on accept socket
2008.11.15 09:09:18 LOG3[977:134656000]: Error binding pop3s to 0.0.0.0:995
2008.11.15 09:09:18 LOG3[977:134656000]: bind: Address already in use (48)
2008.11.15 09:09:18 LOG7[986:134656000]: Snagged 64 random bytes from /root/.rnd
2008.11.15 09:09:18 LOG7[986:134656000]: Wrote 1024 new random bytes to /root/.rnd
2008.11.15 09:09:18 LOG7[986:134656000]: RAND_status claims sufficient entropy for the PRNG
2008.11.15 09:09:18 LOG7[986:134656000]: PRNG seeded successfully
2008.11.15 09:09:18 LOG7[986:134656000]: Certificate: /usr/local/etc/stunnel/stunnel.pem
2008.11.15 09:09:18 LOG7[986:134656000]: Certificate loaded
2008.11.15 09:09:18 LOG7[986:134656000]: Key file: /usr/local/etc/stunnel/stunnel.pem
2008.11.15 09:09:18 LOG7[986:134656000]: Private key loaded
2008.11.15 09:09:18 LOG7[986:134656000]: SSL context initialized for service pop3s
2008.11.15 09:09:18 LOG7[986:134656000]: Certificate: /usr/local/etc/stunnel/stunnel.pem
2008.11.15 09:09:18 LOG7[986:134656000]: Certificate loaded
2008.11.15 09:09:18 LOG7[986:134656000]: Key file: /usr/local/etc/stunnel/stunnel.pem
2008.11.15 09:09:18 LOG7[986:134656000]: Private key loaded
2008.11.15 09:09:18 LOG7[986:134656000]: SSL context initialized for service imaps
2008.11.15 09:09:18 LOG7[986:134656000]: Certificate: /usr/local/etc/stunnel/stunnel.pem
2008.11.15 09:09:18 LOG7[986:134656000]: Certificate loaded
2008.11.15 09:09:18 LOG7[986:134656000]: Key file: /usr/local/etc/stunnel/stunnel.pem
2008.11.15 09:09:18 LOG7[986:134656000]: Private key loaded
2008.11.15 09:09:18 LOG7[986:134656000]: SSL context initialized for service ssmtp
2008.11.15 09:09:18 LOG5[986:134656000]: stunnel 4.25 on i386-portbld-freebsd6.2 with OpenSSL 0.9.8d 28 Sep 2006
2008.11.15 09:09:18 LOG5[986:134656000]: Threading:PTHREAD SSL:ENGINE Sockets:POLL,IPv6 Auth:LIBWRAP
2008.11.15 09:09:18 LOG6[986:134656000]: file ulimit = 3578 (can be changed with 'ulimit -n')
2008.11.15 09:09:18 LOG6[986:134656000]: poll() used - no FD_SETSIZE limit for file descriptors
2008.11.15 09:09:18 LOG5[986:134656000]: 1747 clients allowed
2008.11.15 09:09:18 LOG7[986:134656000]: FD 5 in non-blocking mode
2008.11.15 09:09:18 LOG7[986:134656000]: FD 6 in non-blocking mode
2008.11.15 09:09:18 LOG7[986:134656000]: FD 7 in non-blocking mode
2008.11.15 09:09:18 LOG7[986:134656000]: SO_REUSEADDR option set on accept socket
2008.11.15 09:09:18 LOG3[986:134656000]: Error binding pop3s to 0.0.0.0:995
2008.11.15 09:09:18 LOG3[986:134656000]: bind: Address already in use (48)
2008.11.15 09:09:19 LOG7[995:134656000]: Snagged 64 random bytes from /root/.rnd
2008.11.15 09:09:19 LOG7[995:134656000]: Wrote 1024 new random bytes to /root/.rnd
2008.11.15 09:09:19 LOG7[995:134656000]: RAND_status claims sufficient entropy for the PRNG
2008.11.15 09:09:19 LOG7[995:134656000]: PRNG seeded successfully
2008.11.15 09:09:19 LOG7[995:134656000]: Certificate: /usr/local/etc/stunnel/stunnel.pem
2008.11.15 09:09:19 LOG7[995:134656000]: Certificate loaded
2008.11.15 09:09:19 LOG7[995:134656000]: Key file: /usr/local/etc/stunnel/stunnel.pem
2008.11.15 09:09:19 LOG7[995:134656000]: Private key loaded
2008.11.15 09:09:19 LOG7[995:134656000]: SSL context initialized for service pop3s
2008.11.15 09:09:19 LOG7[995:134656000]: Certificate: /usr/local/etc/stunnel/stunnel.pem
2008.11.15 09:09:19 LOG7[995:134656000]: Certificate loaded
2008.11.15 09:09:19 LOG7[995:134656000]: Key file: /usr/local/etc/stunnel/stunnel.pem
2008.11.15 09:09:19 LOG7[995:134656000]: Private key loaded
2008.11.15 09:09:19 LOG7[995:134656000]: SSL context initialized for service imaps
2008.11.15 09:09:19 LOG7[995:134656000]: Certificate: /usr/local/etc/stunnel/stunnel.pem
2008.11.15 09:09:19 LOG7[995:134656000]: Certificate loaded
2008.11.15 09:09:19 LOG7[995:134656000]: Key file: /usr/local/etc/stunnel/stunnel.pem
2008.11.15 09:09:19 LOG7[995:134656000]: Private key loaded
2008.11.15 09:09:19 LOG7[995:134656000]: SSL context initialized for service ssmtp
2008.11.15 09:09:19 LOG5[995:134656000]: stunnel 4.25 on i386-portbld-freebsd6.2 with OpenSSL 0.9.8d 28 Sep 2006
2008.11.15 09:09:19 LOG5[995:134656000]: Threading:PTHREAD SSL:ENGINE Sockets:POLL,IPv6 Auth:LIBWRAP
2008.11.15 09:09:19 LOG6[995:134656000]: file ulimit = 3578 (can be changed with 'ulimit -n')
2008.11.15 09:09:19 LOG6[995:134656000]: poll() used - no FD_SETSIZE limit for file descriptors
2008.11.15 09:09:19 LOG5[995:134656000]: 1747 clients allowed
2008.11.15 09:09:19 LOG7[995:134656000]: FD 5 in non-blocking mode
2008.11.15 09:09:19 LOG7[995:134656000]: FD 6 in non-blocking mode
2008.11.15 09:09:19 LOG7[995:134656000]: FD 7 in non-blocking mode
2008.11.15 09:09:19 LOG7[995:134656000]: SO_REUSEADDR option set on accept socket
2008.11.15 09:09:19 LOG3[995:134656000]: Error binding pop3s to 0.0.0.0:995
2008.11.15 09:09:19 LOG3[995:134656000]: bind: Address already in use (48)
2008.11.15 09:09:20 LOG7[1004:134656000]: Snagged 64 random bytes from /root/.rnd
2008.11.15 09:09:20 LOG7[1004:134656000]: Wrote 1024 new random bytes to /root/.rnd
2008.11.15 09:09:20 LOG7[1004:134656000]: RAND_status claims sufficient entropy for the PRNG
2008.11.15 09:09:20 LOG7[1004:134656000]: PRNG seeded successfully
2008.11.15 09:09:20 LOG7[1004:134656000]: Certificate: /usr/local/etc/stunnel/stunnel.pem
2008.11.15 09:09:20 LOG7[1004:134656000]: Certificate loaded
2008.11.15 09:09:20 LOG7[1004:134656000]: Key file: /usr/local/etc/stunnel/stunnel.pem
2008.11.15 09:09:20 LOG7[1004:134656000]: Private key loaded
2008.11.15 09:09:20 LOG7[1004:134656000]: SSL context initialized for service pop3s
2008.11.15 09:09:20 LOG7[1004:134656000]: Certificate: /usr/local/etc/stunnel/stunnel.pem
2008.11.15 09:09:20 LOG7[1004:134656000]: Certificate loaded
2008.11.15 09:09:20 LOG7[1004:134656000]: Key file: /usr/local/etc/stunnel/stunnel.pem
2008.11.15 09:09:20 LOG7[1004:134656000]: Private key loaded
2008.11.15 09:09:20 LOG7[1004:134656000]: SSL context initialized for service imaps
2008.11.15 09:09:20 LOG7[1004:134656000]: Certificate: /usr/local/etc/stunnel/stunnel.pem
2008.11.15 09:09:20 LOG7[1004:134656000]: Certificate loaded
2008.11.15 09:09:20 LOG7[1004:134656000]: Key file: /usr/local/etc/stunnel/stunnel.pem
2008.11.15 09:09:20 LOG7[1004:134656000]: Private key loaded
2008.11.15 09:09:20 LOG7[1004:134656000]: SSL context initialized for service ssmtp
2008.11.15 09:09:20 LOG5[1004:134656000]: stunnel 4.25 on i386-portbld-freebsd6.2 with OpenSSL 0.9.8d 28 Sep 2006
2008.11.15 09:09:20 LOG5[1004:134656000]: Threading:PTHREAD SSL:ENGINE Sockets:POLL,IPv6 Auth:LIBWRAP
2008.11.15 09:09:20 LOG6[1004:134656000]: file ulimit = 3578 (can be changed with 'ulimit -n')
2008.11.15 09:09:20 LOG6[1004:134656000]: poll() used - no FD_SETSIZE limit for file descriptors
2008.11.15 09:09:20 LOG5[1004:134656000]: 1747 clients allowed
2008.11.15 09:09:20 LOG7[1004:134656000]: FD 5 in non-blocking mode
2008.11.15 09:09:20 LOG7[1004:134656000]: FD 6 in non-blocking mode
2008.11.15 09:09:20 LOG7[1004:134656000]: FD 7 in non-blocking mode
2008.11.15 09:09:20 LOG7[1004:134656000]: SO_REUSEADDR option set on accept socket
2008.11.15 09:09:20 LOG3[1004:134656000]: Error binding pop3s to 0.0.0.0:995
2008.11.15 09:09:20 LOG3[1004:134656000]: bind: Address already in use (48)

и вот

Код: Выделить всё

//>ls -l /var/tmp/stunnel/
total 26
-rw-r-----  1 stunnel  nogroup  24925 15 ноя 09:09 stunnel.log
-rw-r--r--  1 stunnel  nogroup      0 15 ноя 09:19 stunnel.pid
//>
Поможите....

Хостинговая компания Host-Food.ru
Хостинг HostFood.ru
 

Услуги хостинговой компании Host-Food.ru

Хостинг HostFood.ru

Тарифы на хостинг в России, от 12 рублей: https://www.host-food.ru/tariffs/hosting/
Тарифы на виртуальные сервера (VPS/VDS/KVM) в РФ, от 189 руб.: https://www.host-food.ru/tariffs/virtualny-server-vps/
Выделенные сервера, Россия, Москва, от 2000 рублей (HP Proliant G5, Intel Xeon E5430 (2.66GHz, Quad-Core, 12Mb), 8Gb RAM, 2x300Gb SAS HDD, P400i, 512Mb, BBU):
https://www.host-food.ru/tariffs/vydelennyi-server-ds/
Недорогие домены в популярных зонах: https://www.host-food.ru/domains/

paradox
проходил мимо
Сообщения: 11620
Зарегистрирован: 2008-02-21 18:15:41

Re: stunnel после ./stunnel restart падает

Непрочитанное сообщение paradox » 2008-11-15 11:10:10

помоему кривоват сам скрипт
>/usr/local/etc/rc.d/stunnel

Аватара пользователя
hizel
дядя поня
Сообщения: 9031
Зарегистрирован: 2007-06-29 10:05:02
Откуда: Выборг

Re: stunnel после ./stunnel restart падает

Непрочитанное сообщение hizel » 2008-11-15 12:01:21

Код: Выделить всё

Error binding pop3s to 0.0.0.0:995
кто то уже висит на 995 порту
В дурацкие игры он не играет. Он просто жуткий, чу-чу, паровозик, и зовут его Блейн. Блейн --- это Боль.

Аватара пользователя
Cancer
Гл. Кастратор
Сообщения: 1269
Зарегистрирован: 2008-03-25 12:21:36
Откуда: г. Ростов-на-Дону
Контактная информация:

Re: stunnel после ./stunnel restart падает

Непрочитанное сообщение Cancer » 2008-11-15 12:26:52

hizel писал(а):

Код: Выделить всё

Error binding pop3s to 0.0.0.0:995
кто то уже висит на 995 порту
да нет на нем никого, я даже на другой пробовал нифига