Connection Refused

Chat about twofo and other information sharing portals.

Moderator: Operators

sam_scott89
Posts: 5
Joined: Mon Oct 06, 2008 1:15 am

Connection Refused

Post by sam_scott89 »

Hi guys, running Ubuntu, have installed stunnel and dcpp, both seem to be working fine. But trying to connect to the localhost:8000 connection, I repeatedly get:

*** Connecting to localhost:8000...
*** Connected
*** Connect failed: Connection refused

Would be grateful for any ideas
mids
Posts: 70
Joined: Sat Apr 05, 2008 9:19 pm

Post by mids »

I'm no expert, but did you use the preconfigured stunnel available here (http://www.twofo.co.uk/resources/stunnel.rar) or the standard one google points you to?

EDIT: that's the one I used for windows last year, not sure if it'd work on linux boxes, but there's a part further down the connect page (see below) which explains how to modify your stunnel configuration file...

Also - stunnel has to be running whenever you try to connect to localhost:8000 otherwise it won't connect...

Rampage would be the one to ask about Ubuntu related matters if it's neither of the problems I could think of, I'm sure he's floating around somewhere... and Astropoint knows pretty much everything there is to know about DC++...

Hopefully they'll drop by at some point to back me up/tear me down...

Good luck connecting again, sam_scott89

(further info: http://www.twofo.co.uk/wiki/index.php/Connect)
Rampage
Posts: 243
Joined: Thu May 18, 2006 2:08 am
Location: London
Contact:

Post by Rampage »

mids is right, have you followed the steps at http://www.twofo.co.uk/wiki/index.php/C ... inux_Users to configure stunnel?

If you have could you please post the contents of your "/etc/stunnel/stunnel.conf" file here
User avatar
cocodude
Uber Forum Spammer
Posts: 629
Joined: Tue Oct 04, 2005 5:29 pm
Location: London
Contact:

Post by cocodude »

FYI, Valknut supports SSH connections directly so there's no need for stunnel. Valknut isn't that great though so we highly recommend Linux DC++.
http://www.gigatux.com - Value Linux Virtual/Shared Hosting
User avatar
astropoint
The life and soul of the party
Posts: 1146
Joined: Tue Oct 04, 2005 6:50 pm
Location: Newcastle-Under-Lyme
Contact:

Post by astropoint »

For the purposes of here that means just doing the following to get onto twofo on valknut:

(Yes it looks like alot of steps, but some of them are just "click on this" type things so it takes barely any time at all)

1. Open the hub list (Action menu -> Hub list), if it's not already open

2. Click the "Bookmarks" tab

3. Right click anywhere in the bookmarks list and choose "Add" to bring up the add bookmark dialog

4. Put "hub.twofo.co.uk:4146" in the "Host" box

5. Tick the box next to "Profile", so that the Profile button gets enabled

6. Press the Profile button. The dialog gets bigger, and a "Secure Socket Layer" checkbox appears

7. Tick the "Secure Socket Layer" box, and just connect to the hub.

8. Put your IP from http://checkip.dyndns.org into the IP box in settings.

9. Go to File --> Quick Options --> Download Mode: Single to disable multi source downloading if on campus. See the FAQ for a detailed explanation as to why this should be done.
sam_scott89
Posts: 5
Joined: Mon Oct 06, 2008 1:15 am

Post by sam_scott89 »

Rampage wrote:mids is right, have you followed the steps at http://www.twofo.co.uk/wiki/index.php/C ... inux_Users to configure stunnel?

If you have could you please post the contents of your "/etc/stunnel/stunnel.conf" file here
I think it probably is a problem with stunnel. Had a good search on the internet before asking here. Have used the preconfigured version of the conf file as below:

Code: Select all

; Sample stunnel configuration file by Michal Trojnara 2002-2006
; Some options used here may not be adequate for your particular configuration
; Please make sure you understand them (especially the effect of chroot jail)

; Certificate/key is needed in server mode and optional in client mode
;cert = /etc/stunnel/mail.pem
;key = /etc/stunnel/mail.pem

; Protocol version (all, SSLv2, SSLv3, TLSv1)
sslVersion = SSLv3

; Some security enhancements for UNIX systems - comment them out on Win32
chroot = /var/lib/stunnel4/
setuid = stunnel4
setgid = stunnel4
; PID is created inside chroot jail
pid = /stunnel4.pid

; Some performance tunings
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
;compression = rle

; Workaround for Eudora bug
;options = DONT_INSERT_EMPTY_FRAGMENTS

; Authentication stuff
;verify = 2
; Don't forget to c_rehash CApath
; CApath is located inside chroot jail
;CApath = /certs
; It's often easier to use CAfile
;CAfile = /etc/stunnel/certs.pem
; Don't forget to c_rehash CRLpath
; CRLpath is located inside chroot jail
;CRLpath = /crls
; Alternatively you can use CRLfile
;CRLfile = /etc/stunnel/crls.pem

; Some debugging stuff useful for troubleshooting
;debug = 7
;output = /var/log/stunnel4/stunnel.log

; Use it for client mode
client = yes

; Service-level configuration

[twofo]
connect = hub.twofo.co.uk:4146
accept = 127.0.0.1:8000

[pop3s]
accept  = 995
connect = 110

[imaps]
accept  = 993
connect = 143

[ssmtp]
accept  = 465
connect = 25

;[https]
;accept  = 443
;connect = 80
;TIMEOUTclose = 0

; vim:ft=dosini
have tried some other things. the problem seems to be that for some reason a stunnel.pem file isn't being created. but all guides on the internet haven't found me a solution so far...

My problem with stunnel follows this thread basically: http://ubuntuforums.org/archive/in.dex. ... 79779.html But the thread is closed.
Had seen somewhere that ps -A |grep stunnel will show if stunnel is running, my output for that is:
7793 ? 00:00:00 stunnel4
7794 ? 00:00:00 stunnel4
7795 ? 00:00:00 stunnel4
7796 ? 00:00:00 stunnel4
7797 ? 00:00:00 stunnel4
7798 ? 00:00:00 stunnel4

It may look like I just have to give up and use my vista partition for dc++ instead. would be a shame though.

Thanks a lot guys for replying so quick btw!
User avatar
astropoint
The life and soul of the party
Posts: 1146
Joined: Tue Oct 04, 2005 6:50 pm
Location: Newcastle-Under-Lyme
Contact:

Post by astropoint »

If it's simply a case of not creating the stunnel.pem file, have you tried sticking the one from the windows zip file into the relevant location? it's all stunnel after all...

http://www.twofo.co.uk/resources/stunnel.zip
sam_scott89
Posts: 5
Joined: Mon Oct 06, 2008 1:15 am

Post by sam_scott89 »

astropoint wrote:If it's simply a case of not creating the stunnel.pem file, have you tried sticking the one from the windows zip file into the relevant location? it's all stunnel after all...

http://www.twofo.co.uk/resources/stunnel.zip
Yea, its the same as in the ubuntuforums thread. copied to the stunnel folder, changed permissions of the pem file

The error message in the terminal is:
sam@sam-laptop:~/Desktop/stunnel-4.26$ stunnel
2008.10.06 17:25:43 LOG3[5649:140360964830944]: Error reading certificate file: /etc/stunnel/stunnel.pem
2008.10.06 17:25:43 LOG3[5649:140360964830944]: error stack: 140DC002 : error:140DC002:SSL routines:SSL_CTX_use_certificate_chain_file:system lib
2008.10.06 17:25:43 LOG3[5649:140360964830944]: error stack: 20074002 : error:20074002:BIO routines:FILE_CTRL:system lib
2008.10.06 17:25:43 LOG3[5649:140360964830944]: SSL_CTX_use_certificate_chain_file: 200100D: error:0200100D:system library:fopen:Permission denied
User avatar
astropoint
The life and soul of the party
Posts: 1146
Joined: Tue Oct 04, 2005 6:50 pm
Location: Newcastle-Under-Lyme
Contact:

Post by astropoint »

You should be running 'sudo stunnel4' I think, rather than just 'stunnel'
sam_scott89
Posts: 5
Joined: Mon Oct 06, 2008 1:15 am

Post by sam_scott89 »

astropoint wrote:You should be running 'sudo stunnel4' I think, rather than just 'stunnel'
Well that just doesn't do anything
sam_scott89
Posts: 5
Joined: Mon Oct 06, 2008 1:15 am

Post by sam_scott89 »

It shouldnt matter I don't think. There's only 1 version of stunnel on my comp
User avatar
astropoint
The life and soul of the party
Posts: 1146
Joined: Tue Oct 04, 2005 6:50 pm
Location: Newcastle-Under-Lyme
Contact:

Post by astropoint »

I meant to sudo bit mainly. From what I remember it isn't meant to run not as root.
Rampage
Posts: 243
Joined: Thu May 18, 2006 2:08 am
Location: London
Contact:

Post by Rampage »

there is no need of the stunnel.pem file as you are only using stunnel as a client rather than the server.

And from your output stunnel is running os I don't see why it would not be accepting connections.

Try redownload the config file from http://www.twofo.co.uk/wiki/index.php/C ... inux_Users and then run

Code: Select all

sudo stunnel4
Then run the following code and check if stunnel is listening on port 8000.

Code: Select all

netstat -l | grep 8000
which will output something like

Code: Select all

tcp        0      0 *:8000                  *:*                     LISTEN  
Hope that fixes things
Cheers
xyzzy
Posts: 55
Joined: Fri Oct 21, 2005 5:00 pm
Location: Kent

Post by xyzzy »

The stunnel.conf in the .zip needlessly loads the stunnel sample certificate, the one here: http://www.twofo.co.uk/resources/stunnel.conf has a load of extra security for servers (change user/group/root directory) which probably doesn't help.

The minimal config file is:

Code: Select all

output = /tmp/stunnel.log
pid = /tmp/stunnel.pid

[twofo]
client = yes
connect = hub.twofo.co.uk:4146
accept = localhost:8000
That doesn't require sudo.
Rampage
Posts: 243
Joined: Thu May 18, 2006 2:08 am
Location: London
Contact:

Post by Rampage »

Thanks for the info
Post Reply