home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
OS/2 Shareware BBS: 10 Tools
/
10-Tools.zip
/
stunn322.zip
/
stunnel.txt
< prev
next >
Wrap
Text File
|
2002-08-26
|
3KB
|
51 lines
stunnel [-h] [-V] [-c | -T] [-D level] [-C cipherlist] [-p pemfile]
[-v level] [-A certfile] [-a directory] [-S sources] [-t timeout]
[-u ident_username] [-s setuid_user] [-g setgid_group] [-n protocol]
[-R randfile] [-E egdsock] [-B bytes] [-P { dir/ | filename | none } ]
[-d [host:]port [-f] ]
[-r [host:]port | { -l | -L } program [-- args] ]
-h print this help screen
-V print stunnel version and compile-time defaults
-d [host:]port daemon mode (host defaults to INADDR_ANY)
-r [host:]port connect to remote service (host defaults to INADDR_LOOPBACK)
-l program execute local inetd-type program
-L program open local pty and execute program
-c client mode (remote service uses SSL)
-f foreground mode (don't fork, log to stderr)
-I host local IP address to be used as source for remote connections
-T transparent proxy mode on hosts that support it
-p pemfile private key and certificate chain PEM filename
-v level verify peer certificate
level 1 - verify peer certificate if present
level 2 - require valid peer certificate always
level 3 - verify peer with locally installed certificate
-a directory client certificate directory for -v options
-A certfile CA certificate for -v options
-S sources which certificate source defaults to use
0 = ignore all defaults sources
1 = use ssl library defaults
2 = use stunnel defaults
3 = use both ssl library and stunnel defaults
-t timeout session cache timeout
-u user use IDENT (RFC 1413) username checking
-n proto negotiate SSL with specified protocol
currently supported: smtp, pop3, nntp
-N name service name to use for tcp wrapper checking
-s username setuid() to username in daemon mode
-g groupname setgid() to groupname in daemon mode
-P arg specify pid file { dir/ | filename | none }
-C list set permitted SSL ciphers
-E socket path to Entropy Gathering Daemon socket
-B bytes how many bytes to read from random seed files
-R file path to file with random seed data
-W do not overwrite random seed datafiles with new random data
-D [fac.]lev debug level (e.g. daemon.info)
-O a|l|r:option=value[:value] set an option on accept/local/remote socket
-o file append log messages to a file
See stunnel -V output for default values