user at host fun with stunnel
matthew.best at gmail.com
Wed Dec 8 20:27:41 EST 2004
Hey again listers,
I'm in a bit of an interesting quagmire here. I use stunnel
(http://www.stunnel.org) to offer ircd over SSL to my users.
This is my stunnel statement:
/usr/sbin/stunnel -r 192.168.0.25:6667 -d 192.168.0.25:8887 -p
/etc/ssl/certs/stunnel.pem -o /var/log/stunnel.ext.log
This reads as "listen on port 8887 and encrypt all connections to this
port, then redirect to port 6667". The ircd is listening on 6667. I
basically have a standard NAPT gateway in front of the server that
redirects port 8887 to 192.168.0.25.
The problem with this, is I think it kinda breaks ident. When a user
connects, they are always connected as "root at 192.168.0.25", instead of
"user at isp-assigned-ip-address-or-hostname".
Can anybody think of a way around this? I understand this may be
beyond the scope of this list. Any suggestions are appreciated.
More information about the hybrid