Address already in use #352
This machine is directly connected to the internet? One of its interfaces has Why does your .cfg mix between |
yes, the machine has a fixed ip address on the internet.
In all enabled services I use the external ip in the address. (I think this is required in the transparent setup) |
It's not required afaik. Can you put external IP as listen host and localhost for all redirects and see what error do you get? |
I got exactly the same error by putting localhost in all redirects.
Edit: Also very strange, under this configuration using localhost for redirects,
|
@gilcu3 |
EDITED: (the previous output was due to missing capabilities in the new binary)
|
I am more interested in stack traces of SIGSEGV's. |
According to your previous answers. I presume that you've already tried to force sslh to listen only on localhost? |
Yes, my current config file is
|
Does sslh work if you change
to
or
|
@utoni |
Does it work with transparent disabled? (Sorry if it was mentioned, I couldn't see it..) |
Yes, with transparent mode disabled it seems to work just fine. Right now I am testing with transparent mode active just for the other services I need, so not globally, I will report back in case of error, as sometimes it takes hours for errors to appear. |
I can confirm that this only happens if the service |
@gilcu3 can you link to the internet standard that documents |
@licaon-kter This link is the best I could find |
This is a bit weird. It would mean bind() fails because the remote address/port has been bound already, which would mean we're getting two connections from the same IP/port? |
Is there any way to check something like that? Because then it would/could be a |
(sorry for the delay) -- yes, tcpdump/wireshark, check the syncthing traffic and see if there are two opening TCP handshakes with no closing first (you know, the SYN-SYN/ACK-ACK exchange). I sort-of would expect some operating systems to object and close the connection that |
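The check suggested in the comment above, as an added example that is not part of the original thread or of sslh: it scans `tcpdump -nn` text output for a client SYN that reopens a source IP/port whose earlier handshake was never closed by a FIN or RST. The function name, the regular expression and the sample capture (documentation addresses) are constructed for illustration; IPv4 lines only.

```python
import re

# Constructed sample of `tcpdump -nn` text output; not taken from the pcap in this issue.
SAMPLE = """\
12:00:01.000000 IP 203.0.113.5.22000 > 198.51.100.7.443: Flags [S], seq 100, win 64240, length 0
12:00:01.000100 IP 198.51.100.7.443 > 203.0.113.5.22000: Flags [S.], seq 900, ack 101, win 65160, length 0
12:00:01.020000 IP 203.0.113.5.22000 > 198.51.100.7.443: Flags [.], ack 901, win 502, length 0
12:00:05.000000 IP 203.0.113.5.22000 > 198.51.100.7.443: Flags [S], seq 5000, win 64240, length 0
12:00:06.000000 IP 203.0.113.9.40000 > 198.51.100.7.443: Flags [S], seq 1, win 64240, length 0
12:00:06.500000 IP 203.0.113.9.40000 > 198.51.100.7.443: Flags [F.], seq 2, ack 2, win 502, length 0
12:00:06.600000 IP 198.51.100.7.443 > 203.0.113.9.40000: Flags [F.], seq 2, ack 3, win 502, length 0
12:00:09.000000 IP 203.0.113.9.40000 > 198.51.100.7.443: Flags [S], seq 77, win 64240, length 0
"""

# time, "ip.port" source, "ip.port" destination, TCP flags, optional sequence number
LINE = re.compile(r"^(\S+) IP (\S+) > (\S+): Flags \[([^\]]+)\](?:, seq (\d+))?")

def overlapping_syns(text):
    """Return [(time, client, server)] for SYNs that reopen a flow never closed."""
    open_flows = {}  # (client, server) -> sequence number of the SYN that opened it
    hits = []
    for line in text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # non-TCP or IPv6 line: ignored in this example
        ts, src, dst, flags, seq = m.groups()
        if flags == "S":  # client SYN without ACK
            key = (src, dst)
            # Same sequence number means a retransmitted SYN, not a second handshake.
            if key in open_flows and open_flows[key] != seq:
                hits.append((ts, src, dst))
            open_flows[key] = seq
        elif "F" in flags or "R" in flags:  # FIN or RST from either side closes the flow
            open_flows.pop((src, dst), None)
            open_flows.pop((dst, src), None)
    return hits

if __name__ == "__main__":
    for ts, client, server in overlapping_syns(SAMPLE):
        print(f"{ts}: second SYN from {client} to {server} with no FIN/RST in between")
```

A hit means the same client IP/port opened a second connection while the first was still open, which is the condition under which a transparent-mode bind() to that client address would report the address as already in use.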
Is this log enough? |
Re-opening as I closed by accident (committed something for another issue and got the issue number wrong) |
So the pcap shows:
I am not sure what to make of this: if the server closes the socket, I'd expect the port to be available and |
FYI @ftasnetamot's patch just got merged (during vacation! :-) ) |
Version: current from master branch
I was trying to set up sslh to redirect connections from port 443 for several services, mainly an openssh, apache2, shadowsocks and syncthing.
config: sslh.cfg.txt
iptables rules: rules.sh.txt
log: sslh.log.txt
command:
sudo ./sslh-select --config=sslh.cfg --foreground --user=sslh
syncthing connections from one machine are correctly redirected, while connections from the same software on another machine get errors:
All other services work correctly from all machines.
Weirdly, changing the connection route (using a vpn service for example) in the client machine with the error makes the error go away. Also, on few occasions that I cannot reproduce, the error doesn't happen.