On 15/04/2014 09:47, Peter Pentchev wrote:
On Tue, Apr 15, 2014 at 09:22:17AM -0400, Nigel Horne wrote:Peter,Thanks for your prompt response. When I run /etc/init.d/stunnel4 start I get this cryptic message: [Failed: /etc/stunnel/smtp.verizon.net.conf] You should check that you have specified the pid= in you [sic] configuration file What does it mean? How do I rememdy the situation? 'man stunnel' gives no clue about to do to fix it.Hi, Thanks for trying out the still quite fresh version of stunnel! Could you edit your smtp.verizon.net.conf file and add a 'debug=5' setting in the global section? After that, restarting it will probably supply a more meaningful error message. Also, is there an 'output' setting in your config file - and if there is, has stunnel logged some error messages in the file specified there? If there isn't, has stunnel logged some error messages through syslog?Here's the output with debug=5:Thanks, I see the problem now:root@compaq:/etc/stunnel# /etc/init.d/stunnel4 restart Restarting SSL tunnels: [ ] Clients allowed=500 [.] stunnel 5.01 on x86_64-pc-linux-gnu platform [.] Compiled/running with OpenSSL 1.0.1g 7 Apr 2014 [.] Threading:PTHREAD Sockets:POLL,IPv6 SSL:ENGINE,OCSP,FIPS Auth:LIBWRAP [ ] errno: (*__errno_location ()) [.] Reading configuration from file /etc/stunnel/smtp.verizon.net.conf [.] FIPS mode disabled [ ] Compression disabled [ ] Snagged 64 random bytes from /root/.rnd [ ] Wrote 1024 new random bytes to /root/.rnd [ ] PRNG seeded successfully [ ] Initializing service [ req ] [ ] No private key specified [ ] SSL options set: 0x00000004 [.] Configuration successfulSo far so good, but...[!] Error binding service [ req ] to 0.0.0.0:2525 [!] bind: Address already in use (98)These two lines show the problem. There is already something else listening on port 2525. Now I see two possibilities: - you have another stunnel instance (something else in /etc/stunnel/*.conf) that also tries to listen on port 2525 - you have another program that also tries to listen on port 2525
I wonder then if the upgrade process (I ran apt-get update today) failed to stop the old version?
Could you run these two commands as root and show me their output? netstat -atpn | fgrep -e :80
root@compaq:/home/njh# netstat -atpn | fgrep -e :80 tcp 0 0 127.0.0.1:8080 0.0.0.0:* LISTEN 3283/perl tcp 0 0 192.168.1.2:8080 0.0.0.0:* LISTEN 3283/perl tcp6 0 0 :::80 :::* LISTEN 2413/apache2 root@compaq:/home/njh#
fgrep -we accept /etc/stunnel/*.conf
root@compaq:/home/njh# fgrep -we accept /etc/stunnel/*.conf accept = 2525 root@compaq:/home/njh#
Also, when replying to my message, could you use the 'reply to all' method so that the 744...@bugs.debian.org address is kept on the Cc line? This way the messages will go to the 'bug log' in the Debian bug tracking system and others will be able to see them in the future, if they come across similar problems. Of course, if for some reason you'd like to keep the discussion private, that's also fine by me, but, to be honest, I don't see a reason for that so far :)
Sorry - I thought I'd been doing that... Regards, -Nigel
smime.p7s
Description: S/MIME Cryptographic Signature
