Stunnel and connection reset


Recommended Posts

I'm using stunnel to secure my connection to irssi proxy, running on my linux vps. It works, but I keep on getting disconnected with "connection reset by peer" in Xchat. I've tried different tweaks to the config, none of them solve the problem. I've also connected to irssi proxy directly, and when my other ssl connection got reset, the non-ssl connection stayed on.

This is what my VPS stunnel config looks like:

; Protocol version (all, SSLv2, SSLv3, TLSv1)

sslVersion = TLSv1

; Some security enhancements for UNIX systems - comment them out on Win32

; PID is created inside chroot jail

pid = /etc/stunnel/stunnel.pid

; Some performance tunings

socket = l:TCP_NODELAY=1

socket = r:TCP_NODELAY=1

;compression = rle

; Some debugging stuff useful for troubleshooting

debug = 7

output = /etc/stunnel/stunnel.log

; Use it for client mode

;client = yes

; Service-level configuration

[neowin]

accept = 33333

connect = 33332

My windows stunnel.conf looks like this:

sslVersion = TLSv1

; Some performance tunings

socket = l:TCP_NODELAY=1

socket = r:TCP_NODELAY=1

; Some debugging stuff useful for troubleshooting

debug = 7

output = stunnel.log

; Use it for client mode

client = yes

; Service-level configuration

;compression = zlib

[neowin]

accept = 33332

connect = x.x.x.x:33333

; vim:ft=dosini

I get these types of messages in the stunnel.log:

2008.08.03 20:00:49 LOG3[3428:3352]: readsocket: Connection reset by peer (WSAECONNRESET) (10054)

2008.08.03 20:00:49 LOG5[3428:3352]: Connection reset: 250 bytes sent to SSL, 10614 bytes sent to socket

2008.08.03 20:00:49 LOG3[3428:692]: readsocket: Connection reset by peer (WSAECONNRESET) (10054)

2008.08.03 20:00:49 LOG5[3428:692]: Connection reset: 205 bytes sent to SSL, 3375 bytes sent to socket

This has become a major headache. Any help will be appreciated.

Edited by zer0day
Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.