I'm looking for some help regarding an stunnel configuration I'm working on. Basically I want to have a DMZ machine accept inbound connections to port 80 and 110, and then forward them through my firewall on port 22 to a machine that will then forward the traffic to port 80 and 110 locally. Is this even possible?
Basically I would have this on my DMZ:
[http]
listen = localhost:80
connect = server:22
cert = cert.pem
[pop3]
listen = localhost:110
connect = server:22
cert = cert.pem
And on my server I would have:
[http]
listen = localhost:22
connect = localhost:80
[pop3]
listen = localhost:22
connect = localhost:110
Does this make any sense? Port 22 is already open on my firewall and I don't want to have to open 2 more ports.
Any info would be greatly appreciated…
Thanks!
Best Answer
You can maybe use stunnel in combination with sslh: http://www.rutschle.net/tech/sslh.shtml
sslh is a little program that analyses the protocol and redirects the package according to the protocol.
According to the man page:
A configuration file example is available at /usr/share/doc/sslh/examples/example.cfg (Debian).
This might look like this in the end (I didn't test it):
Your stunnel server.conf would become:
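Added example, not part of the original answer and not sslh's own code: the kind of first-bytes protocol detection the answer describes, written in Python for the two services in the question. It assumes the demultiplexer sees plaintext (that is, it sits behind the stunnel endpoint that terminates TLS on port 22) and that the backends are the question's ports 80 and 110; the function names are hypothetical.

```python
import socket

# Assumed backends, taken from the ports in the question (80 = HTTP, 110 = POP3).
BACKENDS = {"http": ("localhost", 80), "pop3": ("localhost", 110)}
HTTP_METHODS = (b"GET ", b"POST ", b"HEAD ", b"PUT ", b"DELETE ",
                b"OPTIONS ", b"PATCH ", b"CONNECT ", b"TRACE ")


def classify(first_bytes):
    """Name the protocol from the client's first bytes, or None if unknown.

    first_bytes is None when the client sent nothing before the timeout.
    """
    if first_bytes is None:
        # POP3 is server-first: the client waits for the "+OK" greeting,
        # so silence until the timeout is the only signal available.
        return "pop3"
    if first_bytes.startswith(HTTP_METHODS):
        return "http"
    # Empty read (peer closed) or unrecognised data: do not guess a backend.
    return None


def peek_first_bytes(conn, timeout=2.0, size=16):
    """Read the first bytes without consuming them, so the chosen backend
    still receives the complete request when the stream is relayed."""
    conn.settimeout(timeout)
    try:
        return conn.recv(size, socket.MSG_PEEK)
    except socket.timeout:
        return None
    finally:
        conn.settimeout(None)


def pick_backend(conn, timeout=2.0):
    """Return (protocol, (host, port)) for a freshly accepted connection,
    or (None, None) when the connection should be dropped."""
    proto = classify(peek_first_bytes(conn, timeout))
    return (proto, BACKENDS[proto]) if proto else (None, None)
```

Because POP3 can only be recognised by the client's silence, every POP3 session pays the full timeout before it is relayed, and anything that connects and stays quiet is also sent to the POP3 backend.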