stunnel-server
#!/bin/bash # need to be run as root ]]; then echo "must to be run as root" exit fi # giving user passwordless sudo privileges who=`whoami` myhomepath=$(cat /etc/passwd|grep $who|awk -F: '{print $6}') # receive specific port from cmd, PORT=${:-} #install package sudo apt-get install -y squid stunnel # generate key, including client & server cd /etc/stunnel openssl req -new -x509 -days -batch -nodes -config /usr/share/doc/stunnel4/examples/stunnel.cnf -out server.pem -keyout server.pem openssl req -new -x509 -days -batch -nodes -config /usr/share/doc/stunnel4/examples/stunnel.cnf -out client.pem -keyout client.pem # modify (if not exist, will create) stunnel config sudo cat <<EOF >/etc/stunnel/stunnel.conf chroot = /var/lib/stunnel4/ setuid = stunnel4 setgid = stunnel4 pid = /stunnel4.pid debug = output = stunnel.log cert = /etc/stunnel/server.pem #sslVersion = SSLv3 verify = CAfile = /etc/stunnel/client.pem socket = r:TCP_NODELAY= socket = l:TCP_NODELAY= [squid] accept = $PORT connect = EOF # config squid sudo sed -i -r "s/^#acl localnet src 10.0.0.0/acl localnet src 10.0.0.0/g" /etc/squid3/squid.conf sudo sed -i -r "s/^#acl localnet src 172.16.0.0/acl localnet src 172.16.0.0/g" /etc/squid3/squid.conf sudo sed -i -r "s/^#acl localnet src 192.168.0.0/acl localnet src 192.168.0.0/g" /etc/squid3/squid.conf sudo sed -i -r "s/^#acl localnet src fc00::/acl localnet src fc00::/g" /etc/squid3/squid.conf sudo sed -i -r "s/^#acl localnet src fe80::/acl localnet src fe80::/g" /etc/squid3/squid.conf sudo sed -i -r "/acl Safe_ports port 777/a acl SSL_ports port 443 6667 7709 143 993 585 5223 29418 \\n" /etc/squid3/squid.conf sudo sed -i -r "/acl CONNECT method CONNECT/a acl irc_port port 6667\\nacl irc dstdomain irc.freenode.net\\nhttp_access allow irc irc_port \\n" /etc/squid3/squid.conf # important... sed -i -r "s/ENABLED=0/ENABLED=1/g" /etc/default/stunnel4 # restart service sudo service stunnel4 restart
stunnel-server的更多相关文章
- Stunnel使用2
1.首先测试一下stunnel.exe,是否能正常运行,正常的话,不会报错,在桌面右下角位置显示. 2.第一步完成后,打开stunnel.conf,对stunnel进行配置,需要修改一下几项:(mys ...
- (转)用stunnel给普通http通信加密
转自:https://www.digitalocean.com/community/tutorials/how-to-set-up-an-ssl-tunnel-using-stunnel-on-ubu ...
- 【原】基于64位Centos6.2的mcrouter使用简介
此文转载必须注明原文地址,请尊重作者的劳动成果! http://www.cnblogs.com/lyongerr/p/5040071.html 目录 文档控制... 2 1 mcrouter简介.. ...
- Windows系统Stunnel客户端的配置
Stunnel官方就有Windows版本,到下面的地址下载: https://www.stunnel.org/downloads.html 选择”stunnel-X.XX-installer.exe“ ...
- Stunnel服务端
Stunnel on Debian GNU/Linux 6 (squeeze) 传统的POP3, SMTP, Samba等服务,都是不加密的协议(即在网络上明文传输数据),通过stunnel,可以将访 ...
- Stunnel使用
建立加密隧道 使用 Stunnel 建立加密隧道 附件中的 Server 和 Clinet 都是已经配置好了的,只需修改 Server 的 stunnel.conf 的 connect 为实际的ip ...
- 常用工具之stunnel
The stunnel program is designed to work as an SSL encryption wrapper between remote client and local ...
- 安装Stunnel来实现正向代理邮件
文:铁乐与猫 2017年8月 一开始我是使用yum install来安装stunnel的 感觉版本低点也无所谓,毕竟只是拿来加密代理一下邮件收发. 可是后来发现之前下载的最新官网版本的tar包里有很多 ...
- linux下使用Stunnel配置与使用方式一例
第一部分:stunnel的安装与配置 注:在ubuntu下,stunnel的安装很简单快捷. 在synaptic(安立得工具系统下可以直接选举安装) 在服务器环境下,直接使用apt-get insta ...
随机推荐
- 博客迁移到GitCafe
博客以前是放在github上,但github在国内的访问速度确实有些慢,所以就想着换个git环境,本来想迁移到oschina中,后来看到以为博友介绍的迁移到gitcafe中,索性我也就照搬迁过来了. ...
- VBA唏嘘戏——简单单元格的设定(实例)
由于有很多个Word文件,所以应用宏会更加方便排版,而且版式较为统一. Sub 设置列宽() ' ' 设置列宽宏 ' ' ActiveDocument.Tables().Cell(, ).Width ...
- The Managed Metadata Service or Connection is currently not available 分类: Sharepoint 2015-07-09 13:28 5人阅读 评论(0) 收藏
Does the following error message looks familiar to you? (When you go to Site Actions –> Site Sett ...
- as3 代码加解密
private var loader:URLLoader; ... private function init():void { loader = new URLLoader; req=URLRequ ...
- UIButtonTypeSystem backBarButtonItem
当UIButton是UIButtonTypeSystem类型时,改变UIButton的frame,系统会有一个动画改变效果,不想要这个效果,将类型改为UIButtonTypeCustom. backB ...
- hihoCoder#1135
刚开始学习C语言,准备在做hiho的题目的过程中来学习,在此进行记录,如果代码中有错误或者不当的地方还请指正. 时间限制:10000ms 单点时限:1000ms 内存限制:256MB 描述 The c ...
- DataList无数据如何显示
<FooterTemplate> <asp:Label runat="server" ID="emptyLb" Text="No D ...
- javamail 发送附件
1.属性文件 mail.protocol=smtpmail.host=mail.port=mail.auth=truemail.timeout=25000mail.username=mail.pass ...
- Visual Studio 2015 Update 3 ISO
http://download.microsoft.com/download/c/2/6/c26892d8-6a5d-4871-9d46-629f4d430146/vs2015.3.vsu.iso
- Bpmx实施经验
Bpmx是一个较大的平台,直接发布的话会有内存问题,经查阅一些资料,java1.5没有解决好之前版本的历史问题,所以在垃圾处理gc上有很多配置需要手动完成,之后的版本同上. Bpmx平台自带的文档中部 ...